We have been continuing to gather and analyze data on software piracy since we issued our first reports last summer and are ready to issue the first part of our Software Piracy Risk Assessment Report.
The first installment is a detailed review of crack releases and piracy enablement approaches. Tampering or bypassing the embedded license enforcement is a key enabler of piracy. Most high value applications have adopted third party licensing systems to enforce software entitlements for their customer base.
We reviewed 83 separate piracy group distributions of cracked software that were released between 2007 and 2009 from 39 Independent Software Vendors (ISVs). These high value applications have an average list price exceeding $4,000 (USD) per user seat and are used for Architecture
Engineering and Construction (AEC), Computer Aided Design (CAD), Computer Aided
Machine (CAM), Computer Aided Engineering (CAE), Electronic Design Automation
(EDA), Product Lifecycle Management (PLM), and other specialized engineering
and scientific modeling and analysis.
Interestingly, the top five piracy groups (out of 212) contributed 59% of the cracked releases in the study.
All of the pirated software releases used a crack mechanism or other approach to tamper with license enforcement and enable illegal use. However, there was a great range in terms of how well documented the cracks were and the level of expertise required to configure the crack. Three general approaches were used (click image to enlarge):
The analysis also revealed that the piracy groups and the reverse engineering talent they recruit can tamper with a variety of hardware and software based licensing systems to enable overt piracy. Strengthening licensing using hardware dongles or tamper resistant licensing may be useful prevention for overuse within a licensed customer environment, but it should not be viewed as a defense against overt piracy.
Vice President, Products & Strategy at Revulytics
Victor DeMarines brings extensive security product management and marketing experience to Revulytics, where he is responsible for product strategy and direction. He is a frequent speaker and author on topics including piracy, reverse engineering and the protection of intellectual property.
No one likes to be audited. On its own, the word “audit” implies wrongdoing or, at the least, carelessness. Opening the books ...
It looks like a great deal. For just $189.99, you can download the latest version of the Microsoft Office Professional 2019. ...
As we look back on 2019, we want to share some of our most popular blog articles on software license compliance and piracy. ...