Newsletter "Behind the Scenes" Newsletter

May 2015The monthly newsletter by Felgall Pty Ltd

My Word

Software Security

In the early days of computers, software was shared. Those who wrote software for the early mainframe computers would share what they had written with the others who also wanted to write software for those computers. When a problem arose that one person couldn't solve, someone else would find and share the solution. As only a small number of people had access to use these computers and each was different to every other computer, there was no issue with people copying software.

The introduction of what were originally called microcomputers and which are now generically called PCs (after IMBs original computer of this type) meant that lots more people had access to computers. While there were a number of incompatible types of computers, there were large numbers of each type. The sharing culture still existed but a few people started to consider the possibility that there was money that could be made from writing software provided that it wasn't shared around. One of the first companies to start producing software to sell rather than share was Microsoft - who had created a programming language called BASIC. Of course with the sharing culture they tried to introduce it into early versions were copied and shared and many people ended up running buggy versions that they copied rather than the buying the proper working version.

As computers became more standardised so that the same software could run on different brands of computer the market for selling software grew as did the number of people who could benefit from being able to copy the software without paying for it. Those trying to sell software started implementing measures to try to prevent copying. A number of different software and hardware methods were tried, for example:

  • Supplying the software with a dongle (a device that had to be plugged into the computer while running the software for the software to work).
  • Asking the person to enter a word from a specified location in the manual. While the manuals were generally not all that big, most people at the time didn't have access to photocopiers.
  • Placing something in a non standard location on the disk that therefore wouldn't be there on a copy of the disk.

When CD ROM drives were introduced into computers stopping copying became easier as a copy on thirty or more floppy disks was far less convenient that a single CD and would likely not work properly anyway. Often the program required the CD to be left in the drive while it was running. This approach stopped working once CD burners became available and the introduction of DVD readers didn't help because most programs were still small enough to fit on a CD.

The introduction of the internet introduced a whole new level. Sharing copies of software became much easier. It also made possible new security measures to try to prevent such copying from being useful. Some software implemented (and in some cases still use) a process where codes associated with specific hardware components in a given computer are used to generate a value which is sent along with the serial number specific to that copy of the software to the software owner over the internet to register that copy for use on that specific computer. The software can then check each time it is used to make sure that it is running on the computer it is registered to run on. To avoid disabling a legitimate copy these processes usually allow for a gradual change in the hardware in the computer and also will allow additional installs on different computers as long as they don't occur too frequently (for when you upgrade to a new computer). This doesn't completely prevent copies being installed that are not paid for but does limit most people's ability to make lots of such copies. An interesting quirk is that many pieces of software that use this technique did not pay the owner of the software that implements it for the copy they incorporated into their software.

Another issue when offering software for sale on the web is making sure that people pay for it. Measures can be built into the payment processor that will prevent access to the download until the payment processor has processed the payment, however as the software is digital goods and none of the online payment methods have a mechanism in place to ensure that only the owner of the account or card can make a payment, the card or account owner can claim that someone else used their card/account to make the payment and their payment will be returned to them. There is no way though to confirm whether it actually was them made the purchase.

Where an online purchase of software to run on their local computer is cancelled then if the software uses the previously mentioned approach of validating the copy to run on a specific computer then the serial number can be cancelled so as to prevent whoever got the downloaded copy from installing it. For software to be installed onto their web site things are a bit more difficult.

At one point someone purchased a script from me that is intended to prevent people gaining access to scripts prior to Paypal acknowledging receipt of the payment, and who then cancelled the order giving them access to a free copy of a script designed to prevent gaining free access to scripts other than via the method they used. For a while after that I had some processing concealed in the code of my scripts that did a callback to a script on my site to verify the serial number before allowing the script to run. Of course anyone who knew the language the script was written in and who could locate the relevant code could remove it but most people buying the scripts didn't have that knowledge. I eventually decided that this was too much effort and removed that code from subsequent versions.

With computer software it is now effectively accepted that there will be a certain amount of copying of programs by people who don't pay for them. A high enough percentage of people prefer to obtain a legitimate copy that they paid for to allow the software developers to make a good living from their software. In fact the problems caused by people running old buggy copies of software instead of paying to upgrade to a newer version has now reached the point where Microsoft has decided to offer anyone running a supported version of their software whether legitimately purchased or a copy will be able to obtain a legitimate upgrade to the next version of their software. The benefit in being able to drop support for the older versions sooner will apparently result in greater savings than the revenue lost by giving away copies of the new version.

When it comes to scripts to run on the web it is becoming more common to offer hosted versions of scripts rather than offering scripts for download to install on your own site. This approach both allows for a subscription based system where the access is paid for by time period instead of a one off payment and also ensures that everyone is running the same version of the code making support much easier.

The software industry appears to be at the point (or close to the point) of having resolved how to deal with copyright issues with their software and scripts. It is impossible to prevent everyone from taking copies of their products but the benefits they offer to those who obtain legitimate copies ensure that they make a profit (in some cases a very large profit).

On Site

This month sees a larger variety of different topics than I have written about in a while as my latest project has led to my discovering a number of topics that I hadn't covered at all on the site. My club membership site has now been moved to allowing me to consider rearranging some of my other sites.

What's New

The following links will take you to all of the various pages that have been added to the site or undergone major changes in the last month.

Main Links

Ask Felgall
Past Newsletters
Sign Up/Unsubscribe
Question Forum


Interactive Web
PC Software
Comms Software
Word Processing
Book Reviews

Other Links

My Javascript Site
My Blog