Revulytics Blog

Strategy behind CodeArmor Intelligence - “LoJack for your software”

August 20, 2008

Subscribe

Some call it phone home technology, others call it a piracy lead generator, but probably the best analogy I have heard about our new product CodeArmor Intelligence, is “LoJack for your software”. It’s actually an appropriate one. The goal of Intelligence is to alert software vendors when their software has been tampered with and then provide them with enough data about the organizations using the software to take action.

In the case of piracy, the action may be to pass the evidence to SIIA or BSA (“the police”), but we also hope that the vendors’ value added resellers and sales organizations become the first responders before pursuing time consuming legal action. To complete the analogy, it’s not your car that’s been stolen but your next major software release that’s been tampered or cracked (e.g., binary patch, license server hacks, abuse of floating licenses or other infringement events).

Although we borrowed tamper detection technology from the CodeArmor Software Protection product, this is a completely new product and one that we believe attacks the piracy problem head on. Many vendors (and even very large software vendors) have seen the evidence that piracy groups are targeting their software, but have not been able to answer the real question: who is actually using their cracked software? and if we knew who it is, could we recover revenue from them?

No amount of data gathered at the piracy group level or even at the distribution layer can quantify the actual revenue loss for a release. Understanding who is cracking your software is useful, but gathering the number of P2P downloads or number of times a crack release is mentioned on FTP, IRC channels, and Web sites means very little. We know through our own analysis that there are individuals and groups who love to collect expensive software for bragging rights rather than use.

Of course what does warrant attention and requires intelligence is the piracy of high value software. There is a big difference between anti-virus desktop software and the EDA and CAD applications used to create chips and other products. Knowing the growth of manufacturing services and businesses in emerging markets, and seeing EDA and PLM software being targeted and cracked so easily (and so often) by the various piracy groups supports the supposition that a criminal endeavor exists to feed real businesses’ demand for this software. Of course, CodeArmor Intelligence is not limited to vendors in this space – at its core is a system to detect threats, collect data on the threat event, and report this data to software providers in a way that the data can be viewed easily and without a lot of complex infrastructure.

So our real goal with this product is to provide organizations with a way to actually quantify their piracy problem and go the next step and generate what we are calling “Piracy Leads.” This is what actually drove us to leverage Salesforce.com’s platform-as-a-service model. At the end of day the evidence that is collected by Intelligence can identify these infringing businesses – and since these businesses should be customers, we consider them to be leads even if they are using pirated software.

Lastly, I am happy to say that CodeArmor Intelligence was not only conceived by a start-up with a good idea, but was validated through the commitments made by large ISVs.

Activate Your Data-Driven Compliance Program

Add new license revenue by detecting, identifying and converting unpaid users into paying customers.

Victor DeMarines

Post written by Victor DeMarines

Vice President, Products & Strategy at Revulytics

Victor DeMarines brings extensive security product management and marketing experience to Revulytics, where he is responsible for product strategy and direction. He is a frequent speaker and author on topics including piracy, reverse engineering and the protection of intellectual property.