Spying on the Pirates
Piracy isn't just for software vendors anymore. But if IT departments can't stop piracy, they should at least track it.
That's the message from V.i. Laboratories Inc., a Waltham, Mass.-based provider of software-protection applications. In December, V.i. Labs began offering free piracy analysis to companies that are vulnerable to having applications copied or cracked.
Any company that develops software and uses it externally should worry about piracy and tampering, says Victor DeMarines, VP of products at V.i. Labs. And DeMarines isn't just talking about frequent targets of pirates such as makers of video games or application-software providers -- he's also talking about large IT organizations in enterprises that have their own dev teams.
"We're dealing with organizations that are very concerned about their intellectual property [IP]," DeMarines says. "Companies that are starting to push outside of their perimeter -- this is when the concern raises. As people do a better job to lock down their perimeter, the application becomes the way in. You can embed into an application malware that can do damage ... It becomes an avenue of attack into the enterprise."
Piracy isn't something that IT shops can stop, but they can understand how and where it happens, how it affects their businesses and what they can do about it, DeMarines says.
With the rate of pirated software at about 20 percent in the United States and approaching 70 percent globally, according to DeMarines, understanding how to track and respond to piracy is as important now as it has ever been. A declining economy, he adds, will likely only exacerbate the problem.
"It's not a space of absolute security," he says. "If you're worried about IP, you're going to immediately move to a more preventative protection strategy."
For V.i. Labs' customers, that strategy includes using CodeArmor Intelligence, an app that developers can embed in their software. CodeArmor Intelligence tracks how and where pirates have tampered with software, and reports that information back to the customer.
"[Pirates will] go and modify the binaries, and they'll strip them out so they're no longer effective and then repackage it and release it to the piracy channel," DeMarines says. "When we see that the software has been tampered with, we have functionality that will collect a set of information and bring that info back to the ISV."
Fighting for Protection
It doesn't stop piracy, DeMarines says, but it lets companies know who's cracking their software and who's using it illegally. With that information, companies can track down users of pirated software and take action, often through the legal system.
Still, DeMarines emphasizes, it's not software alone that will curb piracy. IT shops have to be tenacious in fighting it once they've discovered where and how it's happening.
"There's no magic bullet -- it's going to be a combination of legal recourse and trying to leverage your products," he says.