In the American justice system, anyone accused is considered innocent until he is proven to be guilty.
"No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury… nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation." (Constitution , Amendment V)
This protocol was installed as a protection for those who may be accused unjustly, in order to prevent an innocent man or woman from being sentenced to prison or death. This proof must show beyond a shadow of a doubt that the defendant is guilty as charged or he is allowed to go free. Unfortunately, this protocol does not have any weight when it comes to digital media.
In the world of today's digital entertainment, everyone is considered to be a criminal. No longer are people able to purchase music, movies, or computer programs; instead, people must pay for the right to use these things, but only in the manner permitted by the manufacturers of the media. If that were not enough, the manufacturers reserve the right to change the limitations on this media at their discretion without having to inform the public. In order to enforce these stringent restrictions, the producers of electronic media have incorporated many different measures to prevent unauthorized use or copying of the content, as well as successfully lobbying the government to pass laws that bring severe penalties to bear on those who break these restrictions. The draconian “anti-piracy†measures implemented by the manufacturers and distributors of today's digital media prohibit actual ownership and restrict the use of the product by limiting how the content may be used.
Imagine buying a new car. You have saved your money, and paid for the vehicle in full. As you prepare to take possession of your new automobile, you are stopped by the salesman and given a huge, multi-page document that you must agree to abide by before you can actually use the car you just bought. The contract outlines not only where you could and could not drive it, how often you could drive it, who you could allow to drive it, and that you would have to destroy it if you decided to get another vehicle. This is exactly the situation many are being put in today because of the restrictions being placed on the media purchased.
Take Apple's iTunes application and their online iTunes Store, for example. Due to the immense popularity of Apple's iPod music players, the iTunes Store and the iTunes application are extremely popular. The songs purchased through the iTunes store come in a specific format, called FairPlay. Until recently, only Apple's players could play songs in the FairPlay format due to Apple's refusal to license the format to other companies. Apple recently gave in to public outcries to be able to play the songs on other players.
Other restrictions used by Apple's iTunes include restricting the number of computers a song may be placed on, restricting songs from being converted to other formats than FairPlay, and preventing songs from being sampled or otherwise edited. (The customer is always wrong, 2007, ¶ 9). The same digital rights management, or DRM, is included in movies sold through the iTunes Store, as well.
The reasons for these restrictions and limitations are obvious. If Apple did not have these measures in place, there would nothing to prevent anyone from buying a song and then freely distributing to whoever might want it. The security measures that Apple does put into play are there to protect Apple's interest in selling the music and movies by making the free distribution of the media much more difficult to do. These same measures, however, also present difficulties for those who legally purchase the media.
Music and motion pictures are not the only forms of digital information being held for ransom. Computer programs, or software, are now rife with copy prevention measures. Take, for instance, Microsoft Windows XP. For now, Windows XP is the world standard. It is the most popular computer operating system ever known, and is used on over 75% of the computers used online (Reimer, 2007, ¶ 9). Windows XP incorporates two different copy prevention schemes, one upon installation and the other during operation.
The first security measure is a required registration upon installation of the operating system. This registration consists of entering a twenty-four digit alphanumeric code that comes with the Windows installation CD, along with an activation routine that must be accomplished either online or by phone. Failure to input the proper alphanumeric code will result in Windows aborting the installation. Failure to activate within 30 days will result in the operating system refusing to operate. Along these same lines, if the same Windows XP CD is used to re-install the operating system more than a few times (the exact number is vague and not disclosed), Windows will require you to contact Microsoft to procure special permission. While this is not a problem for the vast majority of users, it is a headache for those who prefer to re-install their operating system fairly often.
Microsoft is not the only one to use a serial key when installing software. Serial keys have become an industry standard, and are used for games, applications, and other various types of software. While it is possible to bypass the need for a serial key, it is not a simple procedure and would not be attempted by the average consumer. Serial keys can also be broken through the use of blind luck and several different programs that try limitless combinations of letters and numbers in an attempt to find the correct key. While the use of a serial key can be annoying, it is still a front-line defense against casual piracy.
The second stratagem used by Microsoft is called Windows Genuine Advantage, or WGA.
Launched in July of 2005, the Windows Genuine Advantage (WGA) program was designed to deliver additional benefits to fully licensed customers of Windows, help protect honest businesses from counterfeiters, and help Microsoft better protect its intellectual property and combat Windows piracy. WGA is one of many programs Microsoft uses to address the problem of software piracy. (Concerned about validation?, 2007, ¶ 1)
Originally launched as an option, WGA was fully implemented as a requirement in order to gain access to several Microsoft Windows services including Windows updates and downloading materials from the Microsoft Download Center. Microsoft requires users to allow the installation a small application on their computers that allows Windows to check if the installation is valid before any updates or downloads are allowed. WGA is then downloaded as a “critical updateâ€. The only words of explanation given by the WGA “update†are, “The Windows Genuine Advantage Notification tool notifies you if your copy of Windows is not genuine. If your system is found to be a non-genuine, the tool will help you obtain a licensed copy of Windows†(Racoma, 2006). What the update does not explain to the consumer is exactly what it is and what it does.
To help you validate your software, the WGA tools must collect a certain amount of configuration information from your computer. The data collected includes:
• Computer make and model.
• Version information for the operating system and software using Genuine Advantage.
• Region and language setting.
• A unique number assigned to your computer by the tools (Globally Unique Identifier or GUID).
• Product ID and product key.
• BIOS name, revision number, and revision date.
• Volume serial number.
…In addition to the configuration information above, status information such as the following is also transferred:
• Whether the installation was successful.
• The result of the validation check.
As standard procedure, your Internet Protocol (IP) address is temporarily logged when your computer connects to a WGA website or server. (Concerned about validation?, 2007, ¶ 3, 5-6)
Although Microsoft claims to collect no personally identifiable information, a quick look at what WGA does collect shows that, not only does it collect more than enough information to pinpoint the exact computer used (make, model, version information, region, product ID and key, volume (hard drive) serial number), it also collects the IP address, which is the point that the computer connects to the internet and is normally static for most computers. With this information, Microsoft knows exactly which computer was used, as well as where that computer is located.
WGA is basically an attempt by Microsoft to catch those who have circumvented the serial key. Any serial key that Microsoft identifies as being used by more computers than it should is blacklisted, and any use of that key will flag WGA into launching into “nag†mode. If WGA detects what it thinks is a problem, it will go into “nag†mode. WGA is far from perfect, but it does fill an important role for Microsoft. Without the use of serial keys and WGA, there would be many more instances of pirated versions of Windows.
Operating systems are not the only forms of software that employ these “anti-piracy†measures. One such measure is a program known as StarForce. Exactly how StarForce works is unclear, but it is thought to measure the angles between the first and last sector of a written CD. StarForce prevents applications from being copied and cracked, or reverse engineered by third parties, as well as implementing software activation and licensing control (Software protection, 2006). This “protection†is included in many software installations, but it is not pointed out to the user. How this is done was explained by Abbie Sommer, of StarForce, in an interview with Jakub Wojnerowicz, of FiringSquad.com:
"There is no legal concern because before a user loads a game, he or she has agreed to accept the conditions of the end-user licensing agreement, typically known as a EULA. These are also known as click and go, or click and accept agreements. When you accept, you are saying I will load this game or application at my own risk, and have read and understood the terms. Or there will be a disclaimer that protects the publisher from damages of any kind due to their products' use. Our product is licensed to our customers, and becomes part of their product, so the user by accepting the terms, is giving approval." (Wojnerowicz, 2004, p. 3, ¶ 8)
End-user licensing agreements, or EULAs, are another avenue that developers and producers of software use to bring their “anti-piracy†policies to bear upon the consumer. EULAs are included in almost all software installations. A few of them are short and simple; these are found in the majority of open-source software, where the source code is open and freely available for anyone to see and improve upon. Most commercially sold software have lengthy EULAs that consist of several sections of mostly legal terminologies. Nestled in these lofty terms are the restrictions placed upon the use of the programs by the manufacturer, along with a clause that states that the EULA may be changed at any time, and that the manufacturer does not have to notify you if it does change. The person installing the software must accept the terms of the EULA by clicking the corresponding button, or refuse the terms and have the software abort the installation.
While EULAs can harbor legal landmines, they are, for the most part, simple agreements between the maker of the software and the user to not use the software in a way it was not intended and to not distribute the software to others. Some EULAs actually contain important information that the user of the software needs to know, like how to properly uninstall it or how to contact consumer support. It is definitely in the user's best interest to at least skim through the EULA and to become familiar with exactly what the EULA spells out as the consumer's responsibility.
Music distributors are now trying their hand at DRM. One recent example would be the debacle of the Sony BMG copy protection scandal. As a form of copy protection, Sony placed two versions of a rootkit, or a self-installing computer routine that runs at a very basic level that is undetectable through routine measures, on over 100 different titles of the music that they produce. These rootkits installed themselves on any computer that was used to play these CDs, silently hiding itself before the EULA was displayed. The EULA did not mention the installation. The rootkit opened holes in the security of Microsoft Windows that could allow an outside party to take control of the computer remotely. Attempted removal of the rootkits would damage the Windows installation beyond repair, requiring a reformat, or a complete wiping of the contents of the hard drive, and a re-installation of Windows (Orlowski, 2005). The fallout from the scandal resulting in Sony BMG recalling the CDs, as well as several lawsuits being filed against the company.
Although these companies, as well as a myriad of others, operate under the impression that all consumers are thieves and pirates, the truth is that most are not. According to a recent study, an estimated 22% of all software in the United States is not authentic (Crime statistics: Software piracy rate by country, 2005). While the number seems high, it must be taken into account that the study counted all backups as unauthentic copies.
This is not to say that piracy is not a problem, however. The US actually is on the bottom of the scale. Other countries, such as Vietnam and China, top the chart at 92%, while many poorer nations, such as Nigeria, Kenya, and the Philippines come in at 84%, 80%, and 72%, respectively (Crime statistics: Software piracy rate by country, 2005). The threat of piracy is a very real one when one looks at the global picture.
[Missing bar graph... didn't translate over]
(Crime statistics: Software piracy rate by country, 2005)