David McCandless 26.07.2001
The world of software
pirates: A story of hunters and gatherers
You are walking past a hi-fi shop. On
display is an handsome but expensive stereo. It's way beyond your
price range. Under normal circumstances you just wouldn't be
interested. But this is no ordinary shop. Its window has no glass.
There are no alarms. And if you take the stereo, the owner will not
lose out, because another will instantly spring up in its place.
What's more, you can take that stereo and nobody will stop you.
Nobody will even see you take it. Nobody will come after you. Nobody
will ever know you have it. You will never be caught.
Ask yourself. Would you take the stereo?
The Internet has been designed for one thing and one thing only -
the free exchange of information. But information is a unique
commodity. You can give it away and keep a copy for yourself. If the
information has value, a price tag in the real world like computer software or commercial music
encoded into MP3 for example, you start to get problems.
Radium's improved MP3
codec spread around the world at Net
In the story of the software industry's
fight to stem the Internet's vast copyright leak and the Internet
underground's efforts to keep their elaborate piracy networks alive,
there are two different perspectives, two different yet overlapping
On one side in the world of business,
familiar and dull, the domain of the $15 billion dollar software
industry, its development costs, marketing teams, profits and loss,
lawyers and police.
On the other is Warez World, the colourful, techno over-underworld, where
expert crackers, marauding pirate groups, and hard working couriers,
subvert the technology of the Net to traffic electronic data around
the planet. This is a world of thrills,
prestige, paranoia and fear. A world where
expert crackers who strip the protection from expensive new software
and upload copies onto the Net within hours of its release. A world of wannabes and obsessive collectors,
hard-drives stuffed like stamp albums with illegal programs they'll
Mad Hatter's world
This is Mad Hatter's world. Somewhere in Florida, on a Sunday morning,
the 44 year old ex-dragster racer is sipping at a glass of Seagram's
Ginger Ale, and checking his computer, which has been running
automated scripts all night. Mad Hatter is the ringleader of the
software piracy group called the Inner Circle.
Finding no errors, he reads his email. 30 or so new messages:
some personal stuff, a bit of fan mail, a few snippets of
interesting information, two flames, four requests. He's got a shell
account on a FTP server in Sweden. With IRC running constantly in
one window, he surveys the contents of a few private sites. He types
quickly, creating directories, selecting filters, and sending files
darting from server to server. While he eats breakfast with his
family, another wave of automated scripts kick in. His ISDN
connection hums into life. A steady stream of information departs
his machine and vanishes into the ether.
By the end of the day, he will have poured 100 megabytes of
illegal "warez" out into the Internet.
"Most products you buy from a store can be returned if you are
unsatisfied," says Mad Hatter. "Software cannot."
"Warez is a place to find something you
might want to evaluate before purchasing," adds TAG, the Analogue
Guy, a computer animator and Inner Circle leader. "And we advocate
buying that software if you really like it and use it heavily."
of the "technical investigators"
On the other side of the world, Kyle is arriving for work. The five-storey
headquarters of networking giant Novell in Bracknell, England is
tall and glossy. Kyle's office, however, is a mess. Computers are
piled on every shelf: shiny desktops, disembowelled minitowers and
battered servers, their every last expansion slot jammed with DAT
machines, CD-ROM burners, extra hard drives. A metal unit sits in
one corner, stacked with monitors, video equipment, and spare
The 24 year old network systems engineer may look like another
desk jockey in a suit and tie but his job in unique and highly
"I play on the Net all day," he says, "and get paid for it."
He's an undercover Internet detective and a key member of
Novell's Internet Piracy Unit (IPU), a global group of "technical
investigators" who scour the Net 24 hours a day, searching for those
like Mad Hatter who trade in unlicensed software products - and
busting them. He spends his working week infiltrating warez world, gathering
evidence, pretending to be a trader, a courier, a cracker, a newbie,
a lamer, a lurker, and a leecher.
As Napster has shown the world, the
Internet has a vast copyright leak. The new breed of file swapping
technologies like Napster are just a new dimension to the already
ancient battle between the software industry and the pirates. A
battle which has spilled out from bulletin boards and modems of the
early 1990's, across the Internet and beyond, to the profit pirates
and counterfeiters of Eastern Europe and the Far East.
Napster just gave the previously virgin and complacent music
industry their first taste of the flipside of the new information
revolution. A rude awakening to Microsoft, Novell and co have
already learnt - that most laws disintegrate on contact with the Net
and that given the opportunity to take stuff for free and not be
caught, people take stuff for free.
In Kyle's world, the rules are clear.
Software is a valuable product. Software is money. Applications like
AutoCAD, 3D Studio Max, Microsoft Server, Novell Netware cost
thousands of dollars a shot. Piracy therefore is theft. The industry
claims to lose $15 billion a year to piracy, the majority to
unlicensed copies on corporate networks and Far East/Eastern
European organised counterfeiting. But $5 billion leaks out through
the Internet, through warez world at a rate of $5 million per day.
Theft? No: it's a game
Mad Hatter's world, they laugh at such
numbers. Price tags and lost revenue mean nothing. When you pirate
something you would have never bought or could never afford, how can
that constitute a lost sale?
At the fringes of Warez World, like a great big sluice emptying into the
sea, is Usenet. Of the tens of thousands of discussion groups, 100
or so are dedicated to piracy. In alt.binaries.warez.ibm-pic, files are posted for all to
download, free. No pressure. Just fire up your newsreader, point it
at the appropriate forum, and a list of the latest software spills
down your screen like a home-shopping catalogue. Download away. If
you like the vibe, join the community and contribute.
The warez is old, maybe a few days, a
couple of weeks. The freshest stuff is found in the hectic trade
rooms of IRC. But Usenet is a good entry level for the newbie and
the casual - or anyone who just wants a specific piece of software.
A typical week will see Adobe Photoshop, Microsoft Office, 3D
Studio Max posted, plus the latest versions releases of Windows. All
this plus impossibly early pre-release alphas and betas, web tools,
net apps, games, and utilities. Everything for the forward-looking
Postings vary from a few bytes (for a copy protection crack) to
hundreds of megabytes for the entire ISO image of a CD. Once,
everything had to be packaged up small for modems, but now in the
age of xDSL and cable modems, gigabytes of fresh pirated data pours
through every day.
All chopped into tiny packets (so the parts can propagate from
one server to the next without clogging the feed), compressed and
"We're on the non profit side of the warez
feeding chain," insists TAG.
The warez crackers,
traders, and collectors don't pirate software to make a profit. They
pirate software because they can. The more a manufacturer harden a
product with anti-copying systems, the more fun it becomes to break.
Theft? No: it's a game, a pissing contest, a bunch of dicks and a
ruler. It's a hobby, an act of bloodless digital terrorism. It's
"Fuck you Microsoft". It's about being the first to have something
the other guy doesn't.
"It's an obsessive game," explains Mad Hatter. "My computer is
online 24 hours a day. When I was out of work on disability, I was
totally motivated by the thrill of massive uploads, uploading at
least 40 Mbytes a day for four months straight"
Warezheads can't sleep unless they swell their coffers by at
least one application a day. What's more, they don't really need
that Java Development Kit or this Photoshop plug-in - the thrill is
in creating the new subdirectory and slotting the tightly packed zip
file cleanly, reverently, into the collection. They may even install
it. Then toy absentmindedly with its toolbars and palettes before
tucking it away and never running it again.
Mad Hatter knows the feeling. "We see it every day - people
begging for something to 'finish their collection'. There are a lot
of lamers out there."
Usenet is magnet for lamers. In common Net prejudice, anyone who
uses AOL automatically qualifies for lamer status but other cardinal
sins include: uploading a virus-infected file (sloppy and
dangerous); posting a 'me too' comment onto somebody else's request
(clogging bandwidth); posting single disks, instead of the whole
release (annoying); posting OBZ - one big zip - instead of neatly
fragmented file parts (bad karma for those with unreliable servers).
And, worse of all, upping lists of secret FTP sites or hidden
servers is much frowned upon. The cops are, after all, watching.
"We quickly discovered just how scary search engines like
Altavista were," explains TAG. " You could dig up real email
addresses pretty easy on about 75 percent of people posting warez." Worried, he hacked into the code of Forte
Agent, an industry standard newsreader already cracked to bypass its
shareware cripples, and stripped away the X-newsreader header,
giving posters far greater anonymity. As a side effect, the patch
also reduced email spams by two-thirds.
"The hack went over so well with even nonwarez people that Forte
eventually incorporated it into Agent as a feature," TAG says
proudly, "although I don't think they'll be giving us credit."
For a while, the Inner Circle took it upon
themselves formed to try to maintain and moderate the warez groups. They issued their own Warez-FAQ with three commandments - good manners,
good use of bandwidth, and good warez - and
hoped people would step in line. But, like the software companies,
they soon find that imposing some order on the lawless wastelands
was impossible. "We became burnt out on educating the masses," Mad
Instead they created the Interesting Parties List (IPL), a range
of guaranteed high-level, lamer-free, encrypted news groups for
posting PGP (Pretty Good Privacy)-encoded warez for approved members only. Those on the list
are given a monthly password to unlock the software. The only sign
up requirement is a reasonable knowledge of PGP. "Hopefully this is
a sign you won't be totally incompetent if you choose to post," says
Today, years after its inception, the IPL is still trading.
IRC trading rooms
For many in warez
world, however, encoded Usenet posts are way
too slow and unreliable for their trading needs. They, instead, turn
to Internet Relay Chat (IRC), the main trading hub of Warez World which operates
like a 24-hour stock exchange cum street market.
IRC is solid with infringed copyright in hundreds of channels -
FreeWarez, Warez4Free, WarezSitez, AudioWarez, WarezGamez.
Pre-Napster, the MP3 community traded here. There are private chat
rooms, hidden areas, and invite-only piracy parties, packed with an
eerie mix of real people and 'bots', automated macros with their own
personalities and abilities like computer characters in a role
playing game. Finger one and you could be instantly transported to
an FTP somewhere in the ether. Finger another to get the latest
warez gossip. Some act as bartenders,
allowing participants to buy virtual drinks and smokes for each
Come to IRC for the latest, freshest releases but don't expect a
free lunch. Every piece of software must be paid for - in software.
The more recent the application, the higher its value. The ultimate
bartering tokens are zero day warez -
software released within the last 24 hours, cracked if necessary.
Handling zero-day warez increases your
reputation. If you've got a nice fast connection to the Net and good
contacts, you could earn instant download status on an exclusive
server, logins and passwords for Elite FTP sites, or even admission
into the ranks of a powerful cartel like Razor 1911, Class,
Paradigm, Siege, Xforce, or RiSC.
"Zero day sites are very elite stuff," explains the Inner
Circle's paid-up elitist TAG. "People can get access only if they
can move a few hundred Mbytes a day. Most are invite only. The
average IRC warez trader doesn't get that
kind of access unless they put a lot of work into it."
Zero day trading is a fraught business. Direct competition
between groups often leads to malpractice.
"You get a lot of first release with bad cracks," says TAG. "Just
so someone can say they released first. Then two days later, you get
a working crack."
A step down the chain are drop sites, where fresh warez can be found in exchange for an upload. Some
drop sites run on the trader's own machine; others piggyback
government or corporate mainframes, shareware mirrors, and
university networks. Often they're only up for 24 hours or on
weekends when the site managers are at home and no one's checking
IRC is self-organising, self-regulating. Many of the traders are
friends, and just hang out. The chat is polite and measured.
||"Greets. Have 1.5 gigs of warez on anonymous T1. Upload for leech
access. /msg me for more info. No lamers. Thanx."
"No one in the real warez scene is here to
profit," says one trader known as Diamond. "We are in it for the
same reason some people try to do 200 foot jumps on a bike. It's all
about saying we are cool and showing off. You also make a lot of
friends in the scene and that's the best part for me."
Climate of fear
Like any underground scene, paranoia is
commonplace. Be careful who your friends are. In his office in
Novell UK, Kyle monitors these forums daily, logging usernames and
dialogue, hoping to gather enough details and evidence to justify a
Once, however, the BSA's mission was not to capture pirates but
to "eradicate piracy". When that didn't take, education and the
raising of awareness was replaced by scare tactics and exemplary
"Our strategy is to bring a critical mass of prosecutions," says
Martin Smith, the one time head of Novell's anti-piracy division.
"We'll take out some people who're downloading this material - the
gnats - and then we'll take out some of the larger, more organized
guys. We want to create a climate of fear."
This translates into two or three hefty slaps a year for warez world. In the last
five years, the BSA have arrested IRC traders in California. They
have busted college students running piracy out of their collegiate
servers at MIT. And with the help of local police, they've broken
down doors and raided homes in the Netherlands, South Africa, and
Kyle has been on a few busts. He goes along to ensure no computer
evidence is damaged.
One of his first was in Zurich in 1996. Novell called it a
"landmark case against individuals and organizations distributing
unlicensed software on the Internet"
A 27-year old computer technician, who had helpfully called
himself "The Pirate", was running an FTP site filled to the brim
with warez, including US$60,000 worth of
unlicensed Novell software, plus the now obligatory "bomb making
recipes". "He was one of the new breed who advertise on the
Internet," says Kyle. "He made his files available via email
requests" Kyle, impersonating a trader, infiltrated the site,
collected evidence, and then handed it over to the Swiss police.
The police also raided the HQ of a BBS
called M-E-M-O, run by The Shadow, an associate of The Pirate.
Unfortunately The Shadow was on holiday with his parents at the
time. The family returned two weeks later to find their front door
broken down and their son arrested.
Busts like these were once typical operations for the BSA's but
now new "unrestrained" technologies are devouring their resources.
"Auction sites like ebay are becoming an increasingly problem for
us," says Matt Thomsett, the Novell's new Anti-Piracy Manager. "We
estimate that 90% of Novell products advertised on them in the US
are illegal". Microsoft too has taken high-profile action against
over 7500 auction sites postings offering counterfeit software.
At the same time, governments, too, are waking up to data
trafficking. The rise of e-commerce has promoted several Western
countries to start assembling glamorous-sounding Cybercrime Squads.
Hey are those tax dollars slipping through our fingers? The age old
problem of 'rogue states' however persists.
"All it needs is one server in one country where there are no
laws to counter copyright theft, and there are plenty who will,"
says Martin Smith. "One country with a decent enough telephone
infrastructure is enough to undo a hundred busts in the West."
Take a program made by a US company, for example, uploaded via a
router in Canada to a server in South Africa, where it is downloaded
by a Norwegian operating out of Germany using a US-based anonymous
remailer, then burnt on a CD in Bulgaria and sold in the UK.
"How do you prosecute that mess?" asks Smith. "It's a
Profit pirates with their credit cards orders leave a money trail
and so are relative easy to catch. Robin Hood warez traders like the Inner Circle are another
"If there's a person out there who has a decent level of
technological awareness of the ways he can be located, it's quite
true to say he could successfully hide himself, or use a system
where it would be impossible to track him," says Kyle. "It's
technically possible for them to bounce their messages all around
the world and have us running around like
The most experienced and most secretive are the prestige piracy
brands - Razor 1911, DOD, Pirates With Attitude (PWA) - tightly knit
clubs whose members have known each other for years and call each
other good friends but rarely, if ever, meet. True identities remain
secret, even to each other.
The groups have their own mythology and unofficial fan pages
celebrating their greatest hits and victories. They are often padded
out with fawning biographies, epic histories of the group, and
obituaries for those busted by the cops ("We feel for ya!").
Joining such a group is no easy task. Position become vacant only
when members quit and are busted, or a vote is taken to expand
operations. Reputation is everything. If you haven't got a rep
already, forget it. Even Kyle has to admire them. "Some of these
people are incredibly talented," he admits. "The logic and
programming behind their set-ups are just amazing."
The reaction of captured pirates says it all. When Kyle bursts
into houses with police, he doesn't see fear. No cornered pirate
tries to jump out the window or flush their hard-drive down the
"You burst in and they just sort of say, 'Uhhh'," he says.
"Really downbeat, it's more like resignation. They know they've been
outwitted. The game is up."
The alternative to riot police is
burglar-proofing - making copy protection that can't be cracked.
But, although it never stops trying, the billion-dollar software
industry cannot make uncrackable software. Their security designers
are at an intrinsic disadvantage. Compare their job to that of
securing something valuable and under threat in the real world - a bank, say.
Typically, only one set of armed robbers will hold up a bank at a
time, and they only get one crack at it. But imagine armies of
robbers, all in different parts of the world,
all attacking the same bank, at the same time. Not just once but
over and over again. Imagine that each set of robbers is competing
against the others in a race to be first to break in. Imagine too
that some of the robbers are so technically adept that they could
have built the alarms, the safe, perhaps even the bank itself. And
that they have cracked hundreds of banks with the same security
system before. And that they learn more each time, because they're
No security could survive such an onslaught.
The nearest the software industry has come to an effective copy
protection is the hardware key or 'dongle'. It's an intricate
melding of software and hardware. Calls to the dongle are woven into
the code at the lowest level. Without it plugged into the computer,
the software will not run. And without the software, the dongle is a
mindless paper weight.
"The dongle may be called every 150 mouse clicks, or each time
you print, or if you select flesh tones as your desktop colour
scheme," reports one dongle expert. If the response to the call is
false or not forthcoming the program shuts down. For added
protection, all communications between the two are encrypted by
uncrackable algorithms. And then internal security fuses ensure that
any attempt to hack the dongle mechanically causes it to
"Nothing short of an electron microscope," says the expert,
"could extract the algorithm from that mess".
The biggest player in the dongle market is
Rainbow Technologies, whose Sentinel hardware keys are used by 55
percent of all protected software. There are 8 million Sentinel
dongles attached to 8 million machines the world over. The company calls it: "the world's most effective way to stop piracy"
A clarion call to crackers if there ever was one.
"Copy protection isn't very casual these days," says Inner circle
cracker TAG. "They really don't want their stuff copied which makes
it all the more tasty for someone with a reputation to keep up."
The logical approach to cracking dongled software is to create a
"pseudo-dongle" - a chunk of code that hides in memory, pretending
to be the hardware key and giving the correct answers to any query.
Theoretically, to construct this, the cracker would have to monitor
and trap information passing between the computer and the dongle to
build an infallible query / response table.
Unfortunately, if the query is, say, six characters long, it can
have over 280 trillion possible responses (281,474,976,710,700 to be
exact). With modern machines, this would take around 44,627 years to
compute. With Rainbow's SentinelSuperPro dongle ("the most secure
and flexible protection available") the query length can be up to 56
characters - requiring a mere 10 to the power of 125 years of
computing for a complete table.
The SentinelSuperPro dongle attached to
Kinetix 3D Studio Max 2.0, however, was cracked in just under seven
days of its retail release by ForceKill of leading hacker group DOD
(Drink Or Die). And every other expensive high-end applications that
uses Sentinel - including NewTek's Lightwave and Microsoft's
Softimage, and Autodesk's AutoCAD - have ended up the same way:
cracked, repackaged, and redistributed to every corner of the
Internet within days of their release.
Instead of attempting to simulate the dongle, expert crackers
simply remove its tendrils from the program code, unravelling the
relationship skein by skein, function by function, call by call,
until the application ceases to need the dongle to function at all.
There may be only eight or nine crackers in the world who could perform such a feat but with the
Internet to transmit the result, only one needs to succeed. And when
they do, the crew make it known, riotously celebrating in the text
.NFO file bundled with their release:
||"Totally awesome work of glorious DOD cracker -
Replicator, after five other crackers gave up! We decided not
to do a crack patch coz it will take too much time to code
it...you ask why? 'Coz there are 72 (!!!) EXEs patched. All
options now work 100%"
NFO files do more than brag, supply installation instructions and
showcase dubious ASCII artwork skills. They are warez world's Certificate Of
Authenticity, testament to a bone-fide release, guaranteed to work.
Reputation is paramount. Every release is painstakingly beta-tested.
After all, these are their products now. Nobody wants to find
a non working 'bad crack' in their hands after a seven hour
In the 21st century, after years of practice, crackers are
reaching new levels of proficiency. Now, instead of just stripping
out the copy protection, they've started to dip into the code and
actually make the programs better.
In 1996, the German research institute Frauenhofer-Gesellschaft
released a compression technology (codec) which would soon become,
with Napster, a buzzword for Internet copyright theft. It's name was
MPEG Layer 3 or MP3 for short. It could compress music into small,
CD-quality files, easy to pass around the Internet.
At first, the codec was external, meaning any program could use
it. But as Frauenhofer continued to develop and improve on the
technology, they made it internal, and confined its use to only
officially licensed software.
audiowarez group, Radium, objected to Frauenhofer's aggressive
protection of their patent and so set their chief hacker IgNorAMUS
working to make the codec external again. Robbing the rich to give
to the poor. But as he trawled through the thousands of lines of
assembly code, he had an amazing realisation - he could make
improvements to the algorithm. After a few flicks of his debugger,
he had made a suite of alterations which optimised the codec's
performance, making it run over 12% faster. Radium repackaged the
MP3 codec with a proud graph, displaying their codec's performance
over its rival, the original Frauenhofer one. Radium's codec spread
around the world at Net speeds and was used
to encode the millions of commercial MP3s files swapped on Napster.
||Napster was the best thing that ever
happened to the computer software industry.
Napster was the best thing that ever happened to the computer
software industry. For years it had spent millions lobbying
governments and bemoaning their lack of interest and understanding
of internet copyright issues. Then Napster went supernova and
propelled those very issues onto the front pages, out into the
mainstream, and onto the agendas of the EU and the US senate. Now
hard and tight laws are being rapidly introduced to block
file-swapping technologies such as Napster, Gnutella, Freenet and
others and allow copyright owners to protect their books, music and
software on the Internet with heavy duty encryption.
But new anti-piracy technology, encryption and laws will not stop
piracy. The battle will simply continue. The Internet is by its
nature lawless and designed for the free exchange of information -
with emphasis on the 'free'. As long as there's a market, there will
be a black market. As Napster has proved a million times over, as
long as there is information with value, there will be people
willing to take it for free. When faced with the ever-replenishing
hi-fi shop window, where they can take and not hurt anyone nor be
caught, people will take and keep on taking.
In the future, the BSA and the industry it
represents will continue to make examples of Net pirates, invest in
copy protection, and react to new technologies with suspicion and
fear. Warez world will
continue, maintaining and regulating itself, creating new inventive
ways to turn the technology against those who seek to profit from
it. Its networks are too extensive. Its members too committed.
For every pirate who quits the warez world scene, grows ups, buys a suit, or is
prosecuted by investigators like Kyle, there are ten more ready to
take his place.
"We are all family men, married with children, day jobs and
multiple phone lines," says Mad Hatter. "Our kids have been looking
over our shoulders for years. They will be the next couriers, the