Warez World David McCandless   26.07.2001 The world of software pirates: A story of hunters and gatherers You are walking past a hi-fi shop. On display is an handsome but expensive stereo. It's way beyond your price range. Under normal circumstances you just wouldn't be interested. But this is no ordinary shop. Its window has no glass. There are no alarms. And if you take the stereo, the owner will not lose out, because another will instantly spring up in its place. What's more, you can take that stereo and nobody will stop you. Nobody will even see you take it. Nobody will come after you. Nobody will ever know you have it. You will never be caught. Ask yourself. Would you take the stereo? The Internet has been designed for one thing and one thing only - the free exchange of information. But information is a unique commodity. You can give it away and keep a copy for yourself. If the information has value, a price tag in the real world like computer software or commercial music encoded into MP3 for example, you start to get problems. Big problems. Radium's improved MP3 codec spread around the world at Net speeds In the story of the software industry's fight to stem the Internet's vast copyright leak and the Internet underground's efforts to keep their elaborate piracy networks alive, there are two different perspectives, two different yet overlapping worlds. On one side in the world of business, familiar and dull, the domain of the $15 billion dollar software industry, its development costs, marketing teams, profits and loss, lawyers and police. On the other is Warez World, the colourful, techno over-underworld, where expert crackers, marauding pirate groups, and hard working couriers, subvert the technology of the Net to traffic electronic data around the planet. This is a world of thrills, prestige, paranoia and fear. A world where expert crackers who strip the protection from expensive new software and upload copies onto the Net within hours of its release. A world of wannabes and obsessive collectors, hard-drives stuffed like stamp albums with illegal programs they'll never use. Mad Hatter's world This is Mad Hatter's world. Somewhere in Florida, on a Sunday morning, the 44 year old ex-dragster racer is sipping at a glass of Seagram's Ginger Ale, and checking his computer, which has been running automated scripts all night. Mad Hatter is the ringleader of the software piracy group called the Inner Circle. Finding no errors, he reads his email. 30 or so new messages: some personal stuff, a bit of fan mail, a few snippets of interesting information, two flames, four requests. He's got a shell account on a FTP server in Sweden. With IRC running constantly in one window, he surveys the contents of a few private sites. He types quickly, creating directories, selecting filters, and sending files darting from server to server. While he eats breakfast with his family, another wave of automated scripts kick in. His ISDN connection hums into life. A steady stream of information departs his machine and vanishes into the ether. By the end of the day, he will have poured 100 megabytes of illegal "warez" out into the Internet. "Most products you buy from a store can be returned if you are unsatisfied," says Mad Hatter. "Software cannot." "Warez is a place to find something you might want to evaluate before purchasing," adds TAG, the Analogue Guy, a computer animator and Inner Circle leader. "And we advocate buying that software if you really like it and use it heavily." The world of the "technical investigators" On the other side of the world, Kyle is arriving for work. The five-storey headquarters of networking giant Novell in Bracknell, England is tall and glossy. Kyle's office, however, is a mess. Computers are piled on every shelf: shiny desktops, disembowelled minitowers and battered servers, their every last expansion slot jammed with DAT machines, CD-ROM burners, extra hard drives. A metal unit sits in one corner, stacked with monitors, video equipment, and spare keyboards. The 24 year old network systems engineer may look like another desk jockey in a suit and tie but his job in unique and highly specialised. "I play on the Net all day," he says, "and get paid for it." He's an undercover Internet detective and a key member of Novell's Internet Piracy Unit (IPU), a global group of "technical investigators" who scour the Net 24 hours a day, searching for those like Mad Hatter who trade in unlicensed software products - and busting them. He spends his working week infiltrating warez world, gathering evidence, pretending to be a trader, a courier, a cracker, a newbie, a lamer, a lurker, and a leecher. As Napster has shown the world, the Internet has a vast copyright leak. The new breed of file swapping technologies like Napster are just a new dimension to the already ancient battle between the software industry and the pirates. A battle which has spilled out from bulletin boards and modems of the early 1990's, across the Internet and beyond, to the profit pirates and counterfeiters of Eastern Europe and the Far East. Napster just gave the previously virgin and complacent music industry their first taste of the flipside of the new information revolution. A rude awakening to Microsoft, Novell and co have already learnt - that most laws disintegrate on contact with the Net and that given the opportunity to take stuff for free and not be caught, people take stuff for free. In Kyle's world, the rules are clear. Software is a valuable product. Software is money. Applications like AutoCAD, 3D Studio Max, Microsoft Server, Novell Netware cost thousands of dollars a shot. Piracy therefore is theft. The industry claims to lose $15 billion a year to piracy, the majority to unlicensed copies on corporate networks and Far East/Eastern European organised counterfeiting. But $5 billion leaks out through the Internet, through warez world at a rate of $5 million per day. Theft? No: it's a game Mad Hatter's world, they laugh at such numbers. Price tags and lost revenue mean nothing. When you pirate something you would have never bought or could never afford, how can that constitute a lost sale? At the fringes of Warez World, like a great big sluice emptying into the sea, is Usenet. Of the tens of thousands of discussion groups, 100 or so are dedicated to piracy. In alt.binaries.warez.ibm-pic, files are posted for all to download, free. No pressure. Just fire up your newsreader, point it at the appropriate forum, and a list of the latest software spills down your screen like a home-shopping catalogue. Download away. If you like the vibe, join the community and contribute. The warez is old, maybe a few days, a couple of weeks. The freshest stuff is found in the hectic trade rooms of IRC. But Usenet is a good entry level for the newbie and the casual - or anyone who just wants a specific piece of software. A typical week will see Adobe Photoshop, Microsoft Office, 3D Studio Max posted, plus the latest versions releases of Windows. All this plus impossibly early pre-release alphas and betas, web tools, net apps, games, and utilities. Everything for the forward-looking computer user. Postings vary from a few bytes (for a copy protection crack) to hundreds of megabytes for the entire ISO image of a CD. Once, everything had to be packaged up small for modems, but now in the age of xDSL and cable modems, gigabytes of fresh pirated data pours through every day. All chopped into tiny packets (so the parts can propagate from one server to the next without clogging the feed), compressed and uploaded. "We're on the non profit side of the warez feeding chain," insists TAG. The warez crackers, traders, and collectors don't pirate software to make a profit. They pirate software because they can. The more a manufacturer harden a product with anti-copying systems, the more fun it becomes to break. Theft? No: it's a game, a pissing contest, a bunch of dicks and a ruler. It's a hobby, an act of bloodless digital terrorism. It's "Fuck you Microsoft". It's about being the first to have something the other guy doesn't. "It's an obsessive game," explains Mad Hatter. "My computer is online 24 hours a day. When I was out of work on disability, I was totally motivated by the thrill of massive uploads, uploading at least 40 Mbytes a day for four months straight" Warezheads can't sleep unless they swell their coffers by at least one application a day. What's more, they don't really need that Java Development Kit or this Photoshop plug-in - the thrill is in creating the new subdirectory and slotting the tightly packed zip file cleanly, reverently, into the collection. They may even install it. Then toy absentmindedly with its toolbars and palettes before tucking it away and never running it again. Mad Hatter knows the feeling. "We see it every day - people begging for something to 'finish their collection'. There are a lot of lamers out there." Usenet is magnet for lamers. In common Net prejudice, anyone who uses AOL automatically qualifies for lamer status but other cardinal sins include: uploading a virus-infected file (sloppy and dangerous); posting a 'me too' comment onto somebody else's request (clogging bandwidth); posting single disks, instead of the whole release (annoying); posting OBZ - one big zip - instead of neatly fragmented file parts (bad karma for those with unreliable servers). And, worse of all, upping lists of secret FTP sites or hidden servers is much frowned upon. The cops are, after all, watching. "We quickly discovered just how scary search engines like Altavista were," explains TAG. " You could dig up real email addresses pretty easy on about 75 percent of people posting warez." Worried, he hacked into the code of Forte Agent, an industry standard newsreader already cracked to bypass its shareware cripples, and stripped away the X-newsreader header, giving posters far greater anonymity. As a side effect, the patch also reduced email spams by two-thirds. "The hack went over so well with even nonwarez people that Forte eventually incorporated it into Agent as a feature," TAG says proudly, "although I don't think they'll be giving us credit." For a while, the Inner Circle took it upon themselves formed to try to maintain and moderate the warez groups. They issued their own Warez-FAQ with three commandments - good manners, good use of bandwidth, and good warez - and hoped people would step in line. But, like the software companies, they soon find that imposing some order on the lawless wastelands was impossible. "We became burnt out on educating the masses," Mad Hatter says. Instead they created the Interesting Parties List (IPL), a range of guaranteed high-level, lamer-free, encrypted news groups for posting PGP (Pretty Good Privacy)-encoded warez for approved members only. Those on the list are given a monthly password to unlock the software. The only sign up requirement is a reasonable knowledge of PGP. "Hopefully this is a sign you won't be totally incompetent if you choose to post," says TAG. Today, years after its inception, the IPL is still trading. IRC trading rooms For many in warez world, however, encoded Usenet posts are way too slow and unreliable for their trading needs. They, instead, turn to Internet Relay Chat (IRC), the main trading hub of Warez World which operates like a 24-hour stock exchange cum street market. IRC is solid with infringed copyright in hundreds of channels - FreeWarez, Warez4Free, WarezSitez, AudioWarez, WarezGamez. Pre-Napster, the MP3 community traded here. There are private chat rooms, hidden areas, and invite-only piracy parties, packed with an eerie mix of real people and 'bots', automated macros with their own personalities and abilities like computer characters in a role playing game. Finger one and you could be instantly transported to an FTP somewhere in the ether. Finger another to get the latest warez gossip. Some act as bartenders, allowing participants to buy virtual drinks and smokes for each other. Come to IRC for the latest, freshest releases but don't expect a free lunch. Every piece of software must be paid for - in software. The more recent the application, the higher its value. The ultimate bartering tokens are zero day warez - software released within the last 24 hours, cracked if necessary. Handling zero-day warez increases your reputation. If you've got a nice fast connection to the Net and good contacts, you could earn instant download status on an exclusive server, logins and passwords for Elite FTP sites, or even admission into the ranks of a powerful cartel like Razor 1911, Class, Paradigm, Siege, Xforce, or RiSC. "Zero day sites are very elite stuff," explains the Inner Circle's paid-up elitist TAG. "People can get access only if they can move a few hundred Mbytes a day. Most are invite only. The average IRC warez trader doesn't get that kind of access unless they put a lot of work into it." Zero day trading is a fraught business. Direct competition between groups often leads to malpractice. "You get a lot of first release with bad cracks," says TAG. "Just so someone can say they released first. Then two days later, you get a working crack." A step down the chain are drop sites, where fresh warez can be found in exchange for an upload. Some drop sites run on the trader's own machine; others piggyback government or corporate mainframes, shareware mirrors, and university networks. Often they're only up for 24 hours or on weekends when the site managers are at home and no one's checking the logs. IRC is self-organising, self-regulating. Many of the traders are friends, and just hang out. The chat is polite and measured. "Greets. Have 1.5 gigs of warez on anonymous T1. Upload for leech access. /msg me for more info. No lamers. Thanx." "No one in the real warez scene is here to profit," says one trader known as Diamond. "We are in it for the same reason some people try to do 200 foot jumps on a bike. It's all about saying we are cool and showing off. You also make a lot of friends in the scene and that's the best part for me." Climate of fear Like any underground scene, paranoia is commonplace. Be careful who your friends are. In his office in Novell UK, Kyle monitors these forums daily, logging usernames and dialogue, hoping to gather enough details and evidence to justify a bust. Once, however, the BSA's mission was not to capture pirates but to "eradicate piracy". When that didn't take, education and the raising of awareness was replaced by scare tactics and exemplary punishment. "Our strategy is to bring a critical mass of prosecutions," says Martin Smith, the one time head of Novell's anti-piracy division. "We'll take out some people who're downloading this material - the gnats - and then we'll take out some of the larger, more organized guys. We want to create a climate of fear." This translates into two or three hefty slaps a year for warez world. In the last five years, the BSA have arrested IRC traders in California. They have busted college students running piracy out of their collegiate servers at MIT. And with the help of local police, they've broken down doors and raided homes in the Netherlands, South Africa, and Chile. Kyle has been on a few busts. He goes along to ensure no computer evidence is damaged. One of his first was in Zurich in 1996. Novell called it a "landmark case against individuals and organizations distributing unlicensed software on the Internet" A 27-year old computer technician, who had helpfully called himself "The Pirate", was running an FTP site filled to the brim with warez, including US$60,000 worth of unlicensed Novell software, plus the now obligatory "bomb making recipes". "He was one of the new breed who advertise on the Internet," says Kyle. "He made his files available via email requests" Kyle, impersonating a trader, infiltrated the site, collected evidence, and then handed it over to the Swiss police. The police also raided the HQ of a BBS called M-E-M-O, run by The Shadow, an associate of The Pirate. Unfortunately The Shadow was on holiday with his parents at the time. The family returned two weeks later to find their front door broken down and their son arrested. Busts like these were once typical operations for the BSA's but now new "unrestrained" technologies are devouring their resources. "Auction sites like ebay are becoming an increasingly problem for us," says Matt Thomsett, the Novell's new Anti-Piracy Manager. "We estimate that 90% of Novell products advertised on them in the US are illegal". Microsoft too has taken high-profile action against over 7500 auction sites postings offering counterfeit software. Rogue States At the same time, governments, too, are waking up to data trafficking. The rise of e-commerce has promoted several Western countries to start assembling glamorous-sounding Cybercrime Squads. Hey are those tax dollars slipping through our fingers? The age old problem of 'rogue states' however persists. "All it needs is one server in one country where there are no laws to counter copyright theft, and there are plenty who will," says Martin Smith. "One country with a decent enough telephone infrastructure is enough to undo a hundred busts in the West." Take a program made by a US company, for example, uploaded via a router in Canada to a server in South Africa, where it is downloaded by a Norwegian operating out of Germany using a US-based anonymous remailer, then burnt on a CD in Bulgaria and sold in the UK. "How do you prosecute that mess?" asks Smith. "It's a jurisdictional nightmare." Profit pirates with their credit cards orders leave a money trail and so are relative easy to catch. Robin Hood warez traders like the Inner Circle are another matter. "If there's a person out there who has a decent level of technological awareness of the ways he can be located, it's quite true to say he could successfully hide himself, or use a system where it would be impossible to track him," says Kyle. "It's technically possible for them to bounce their messages all around the world and have us running around like blue-arsed flies" The most experienced and most secretive are the prestige piracy brands - Razor 1911, DOD, Pirates With Attitude (PWA) - tightly knit clubs whose members have known each other for years and call each other good friends but rarely, if ever, meet. True identities remain secret, even to each other. The groups have their own mythology and unofficial fan pages celebrating their greatest hits and victories. They are often padded out with fawning biographies, epic histories of the group, and obituaries for those busted by the cops ("We feel for ya!"). Joining such a group is no easy task. Position become vacant only when members quit and are busted, or a vote is taken to expand operations. Reputation is everything. If you haven't got a rep already, forget it. Even Kyle has to admire them. "Some of these people are incredibly talented," he admits. "The logic and programming behind their set-ups are just amazing." The reaction of captured pirates says it all. When Kyle bursts into houses with police, he doesn't see fear. No cornered pirate tries to jump out the window or flush their hard-drive down the toilet. "You burst in and they just sort of say, 'Uhhh'," he says. "Really downbeat, it's more like resignation. They know they've been outwitted. The game is up." Uncrackable software? The alternative to riot police is burglar-proofing - making copy protection that can't be cracked. But, although it never stops trying, the billion-dollar software industry cannot make uncrackable software. Their security designers are at an intrinsic disadvantage. Compare their job to that of securing something valuable and under threat in the real world - a bank, say. Typically, only one set of armed robbers will hold up a bank at a time, and they only get one crack at it. But imagine armies of robbers, all in different parts of the world, all attacking the same bank, at the same time. Not just once but over and over again. Imagine that each set of robbers is competing against the others in a race to be first to break in. Imagine too that some of the robbers are so technically adept that they could have built the alarms, the safe, perhaps even the bank itself. And that they have cracked hundreds of banks with the same security system before. And that they learn more each time, because they're never caught. No security could survive such an onslaught. The nearest the software industry has come to an effective copy protection is the hardware key or 'dongle'. It's an intricate melding of software and hardware. Calls to the dongle are woven into the code at the lowest level. Without it plugged into the computer, the software will not run. And without the software, the dongle is a mindless paper weight. "The dongle may be called every 150 mouse clicks, or each time you print, or if you select flesh tones as your desktop colour scheme," reports one dongle expert. If the response to the call is false or not forthcoming the program shuts down. For added protection, all communications between the two are encrypted by uncrackable algorithms. And then internal security fuses ensure that any attempt to hack the dongle mechanically causes it to self-destruct. "Nothing short of an electron microscope," says the expert, "could extract the algorithm from that mess". The biggest player in the dongle market is Rainbow Technologies, whose Sentinel hardware keys are used by 55 percent of all protected software. There are 8 million Sentinel dongles attached to 8 million machines the world over. The company calls it: "the world's most effective way to stop piracy" A clarion call to crackers if there ever was one. "Copy protection isn't very casual these days," says Inner circle cracker TAG. "They really don't want their stuff copied which makes it all the more tasty for someone with a reputation to keep up." The logical approach to cracking dongled software is to create a "pseudo-dongle" - a chunk of code that hides in memory, pretending to be the hardware key and giving the correct answers to any query. Theoretically, to construct this, the cracker would have to monitor and trap information passing between the computer and the dongle to build an infallible query / response table. Unfortunately, if the query is, say, six characters long, it can have over 280 trillion possible responses (281,474,976,710,700 to be exact). With modern machines, this would take around 44,627 years to compute. With Rainbow's SentinelSuperPro dongle ("the most secure and flexible protection available") the query length can be up to 56 characters - requiring a mere 10 to the power of 125 years of computing for a complete table. The SentinelSuperPro dongle attached to Kinetix 3D Studio Max 2.0, however, was cracked in just under seven days of its retail release by ForceKill of leading hacker group DOD (Drink Or Die). And every other expensive high-end applications that uses Sentinel - including NewTek's Lightwave and Microsoft's Softimage, and Autodesk's AutoCAD - have ended up the same way: cracked, repackaged, and redistributed to every corner of the Internet within days of their release. Instead of attempting to simulate the dongle, expert crackers simply remove its tendrils from the program code, unravelling the relationship skein by skein, function by function, call by call, until the application ceases to need the dongle to function at all. There may be only eight or nine crackers in the world who could perform such a feat but with the Internet to transmit the result, only one needs to succeed. And when they do, the crew make it known, riotously celebrating in the text .NFO file bundled with their release: "Totally awesome work of glorious DOD cracker - Replicator, after five other crackers gave up! We decided not to do a crack patch coz it will take too much time to code it...you ask why? 'Coz there are 72 (!!!) EXEs patched. All options now work 100%" NFO files do more than brag, supply installation instructions and showcase dubious ASCII artwork skills. They are warez world's Certificate Of Authenticity, testament to a bone-fide release, guaranteed to work. Reputation is paramount. Every release is painstakingly beta-tested. After all, these are their products now. Nobody wants to find a non working 'bad crack' in their hands after a seven hour download. In the 21st century, after years of practice, crackers are reaching new levels of proficiency. Now, instead of just stripping out the copy protection, they've started to dip into the code and actually make the programs better. In 1996, the German research institute Frauenhofer-Gesellschaft released a compression technology (codec) which would soon become, with Napster, a buzzword for Internet copyright theft. It's name was MPEG Layer 3 or MP3 for short. It could compress music into small, CD-quality files, easy to pass around the Internet. At first, the codec was external, meaning any program could use it. But as Frauenhofer continued to develop and improve on the technology, they made it internal, and confined its use to only officially licensed software. Napster was the best thing that ever happened to the computer software industry. Prominent audiowarez group, Radium, objected to Frauenhofer's aggressive protection of their patent and so set their chief hacker IgNorAMUS working to make the codec external again. Robbing the rich to give to the poor. But as he trawled through the thousands of lines of assembly code, he had an amazing realisation - he could make improvements to the algorithm. After a few flicks of his debugger, he had made a suite of alterations which optimised the codec's performance, making it run over 12% faster. Radium repackaged the MP3 codec with a proud graph, displaying their codec's performance over its rival, the original Frauenhofer one. Radium's codec spread around the world at Net speeds and was used to encode the millions of commercial MP3s files swapped on Napster. Napster was the best thing that ever happened to the computer software industry. For years it had spent millions lobbying governments and bemoaning their lack of interest and understanding of internet copyright issues. Then Napster went supernova and propelled those very issues onto the front pages, out into the mainstream, and onto the agendas of the EU and the US senate. Now hard and tight laws are being rapidly introduced to block file-swapping technologies such as Napster, Gnutella, Freenet and others and allow copyright owners to protect their books, music and software on the Internet with heavy duty encryption. But new anti-piracy technology, encryption and laws will not stop piracy. The battle will simply continue. The Internet is by its nature lawless and designed for the free exchange of information - with emphasis on the 'free'. As long as there's a market, there will be a black market. As Napster has proved a million times over, as long as there is information with value, there will be people willing to take it for free. When faced with the ever-replenishing hi-fi shop window, where they can take and not hurt anyone nor be caught, people will take and keep on taking. In the future, the BSA and the industry it represents will continue to make examples of Net pirates, invest in copy protection, and react to new technologies with suspicion and fear. Warez world will continue, maintaining and regulating itself, creating new inventive ways to turn the technology against those who seek to profit from it. Its networks are too extensive. Its members too committed. For every pirate who quits the warez world scene, grows ups, buys a suit, or is prosecuted by investigators like Kyle, there are ten more ready to take his place. "We are all family men, married with children, day jobs and multiple phone lines," says Mad Hatter. "Our kids have been looking over our shoulders for years. They will be the next couriers, the next warez-gods."