[Infowarrior] - Why pirated Vista has Microsoft champing at the BitTorrent

[Richard Forno]

Why pirated Vista has Microsoft champing at the BitTorrent
Eric Lai
 http://www.computerworld.com/action/article.do?command=viewArticleBasic&art
icleId=9009143&intsrc=hm_ts_head

January 25, 2007 (Computerworld) As Microsoft Corp. gets ready to launch
Windows Vista and Office 2007 to consumers, it claims a formidable new foe
it lacked at its last major consumer software launch five years ago: the
popular filesharing network known as BitTorrent.

This third-generation peer-to-peer (P2P) service, already used by tens of
millions of Internet users to swap digital music and movies for free, is
becoming a popular mechanism for those looking to obtain pirated software.

"Any software that is commercially available is available on BitTorrent,"
according to Mark Ishikawa, CEO of BayTSP Inc., a Los Gatos, Calif.,
antipiracy consulting firm.

Piracy and prerelease
Or in the case of Vista and Office 2007, before they were commercially
available. Both products were released to corporations almost two months
ago, but won¹t be officially launched to consumers until Jan. 29.

But as early as mid-November, "cracked" copies of both products were
available via BitTorrent. As of mid-January, more than 100 individual copies
of Office 2007 and more than 350 individual copies of Windows Vista were
available on the service, according to BigChampagne LLC, a Los Angeles-based
online media-tracking firm.

The pirates that cracked early copies of Vista all sidestepped Microsoft¹s
latest antipiracy technology, the Software Protection Platform. SPP is
supposed to shut down any copy of Vista not registered to Microsoft over the
Internet with a legitimate, paid-up license key within the first 30 days.

Microsoft has quietly admitted that it has already found three different
workarounds to SPP. It says it can defeat one, dubbed the Frankenbuild
because of its cobbling together of code from beta and final versions of
Vista. It hasn¹t yet announced success against several other cracks,
including one seemingly inspired by Y2k, which allows Vista to run
unactivated until the year 2099 rather than for just 30 days.

"Pirates have unlimited time and resources," BayTSP¹s Ishikawa says. "You
can¹t build an encryption that can¹t be broken."

Microsoft popular with pirates
According to BayTSP¹s most recent figures from 2005, six out of the 25 most
widely pirated software packages on BitTorrent and eDonkey, another P2P
network, originated at Microsoft. Office 2003 was the second most-pirated
software behind Adobe Systems Inc.¹s Acrobat 7. Other widely pirated
Microsoft software includes InfoPath 2003, FrontPage 2003, Visio 2003,
Office XP and Windows XP.

Cori Hartje, director of Microsoft¹s Genuine Software Initiative, remains
confident that SPP, along with another effort by Microsoft to clamp down on
the abuse of corporate volume license keys by pirates, can reduce the rate
of piracy of Microsoft¹s latest products compared to previous ones.

But the company is taking no chances, fighting back on multiple fronts. To
distract downloaders who may only be seeking a sneak peek at the new
software, the company's offering free online test drives of Vista and 60-day
trials of Office 2007.

To reach young people, who are the most enthusiastic users of P2P, Microsoft
is putting comics up on the Web, mostly in foreign languages, decrying
software piracy.

And on Monday, the company released statistics purporting to show that users
downloading pirated software from P2P networks are at great risk infecting
themselves with viruses or spyware.

According to an October 2006 report conducted by IDC and commissioned by
Microsoft, nearly 60% of key generators and crack tools downloaded from P2P
networks contained malicious or unwanted software. Similarly, one quarter of
Web sites offering key generators -- software that create alphanumeric
strings that users can type in to activate their pirated Microsoft software
-- had such hidden software.

The perils of P2P?
Hartje claims that many pirates are irresponsibly uploading malware along
with their cracked goods to BitTorrent.

 "They may not be running a clean shop, and don¹t care if viruses are on the
software," she says.

IDC researchers used popular antivirus packages from McAfee Inc. and
Symantec Corp. to detect malware. However, the researchers did not
differentiate between more serious viruses and spyware and less harmful
unwanted code such as adware. IDC also conceded that some P2P networks
deploy built-in virus scanning that "strip[s] out most of the malicious
software" before it reaches users.

Some skeptics say that Microsoft¹s "education" campaign is primarily an
attempt to sow FUD -- fear, uncertainty and doubt -- in the minds of
consumers, a tactic the company has been called out for in the past, and
which could backfire.

 "Warning customers about viruses and spyware in counterfeit software is a
nice PR thing for Microsoft, but for the most part, I doubt that it's really
effective," says Paul DeGroot, an analyst at Directions on Microsoft, an
independent consulting firm in Kirkland, Wash., who applauds Microsoft¹s
other antipiracy efforts.

Microsoft hopes to scare consumers straight, he says, because efforts to
guilt and shame consumers into not downloading, have had little success.
Moreover, the company rarely targets end users of counterfeit software with
lawsuits for fear of alienating customers.

 "Our main concern is preventing pirates from putting counterfeits in the
hands of unsuspecting customers," says Matt Lundy, a senior attorney at
Microsoft.

The technology advances
P2P technology, meanwhile, has advanced greatly since Microsoft released
Windows XP in late 2001. At the time, P2P networks such as Napster and
Gnutella were solely used to exchange music files. Since that time, Napster
has been closed and re-opened as a legitimate pay music service similar to
Apple Inc.¹s iTunes. The second-generation Gnutella has waned in popularity
because of aging technology and partial neutering by the record companies,
which have flooded Gnutella with decoy files masquerading as songs, Ishikawa
says.

Enter BitTorrent, which boasts faster file transfers and more reliable
downloads than other P2P networks. BitTorrent was not the first P2P network
to host pirated DVDs and software, but it was the first to make the trade of
such hefty files practical. Moreover, BitTorrent claims it automatically
cleanses its network of both viruses as well as decoy files. The latter
defeats related antipiracy efforts by the music industry.

BitTorrent¹s other great advantage is its ease of use compared to "darknet"
services used by more sophisticated pirates, such as Internet Relay Chat
channels, private FTP sites and Usenet newsgroups. For most Internet users,
darknets remain hard to find -- you can¹t simply Google them -- and
intimidating to use.

Microsoft¹s worst nightmare would come to pass if P2P software piracy
becomes as pervasive as the movie and music piracy. Already, the number of
songs swapped illegally online surpasses the number sold in stores or online
at sites like iTunes, says BigChampagne CEO Eric Garland, citing music
industry estimates.

Victory by assimilation?
Faced with this situation, music and movie companies are starting to co-opt
P2P. Record companies are using services like BigChampagne to scout music
trends and sign up-and-coming bands, while movie studios such as Paramount
and Fox have linked up with BitTorrent to sell movies via downloads.

The software industry lags by comparison. Microsoft is allowing consumers to
download and buy Vista from its own Web site for the first time. Otherwise,
Microsoft has "nothing new to announce in regards to any new distribution
channels," Hartje says.

BitTorrent did not return a call and an e-mail seeking comment.

For Microsoft to ink a deal with BitTorrent to sell full software or even
put up free trials would send out mixed messages, Ishikawa says.

"If you ever want to litigate, don¹t send out any freeware," he says.

Still, people like BigChampagne¹s Garland point out that P2P software piracy
today remains a drop in the bucket compared to video piracy, which involve
similarly hefty files. His reason: downloaded movies are just entertainment,
but business software is used to run companies, do people¹s taxes and other
important things. For those, most users still prefer the security blanket of
technical support, access to software fixes and updates -- even manuals --
that only buying the software can provide, Garland says.

"Forget backdoor viruses or trojans," he says. "There are some things that
are worth paying for."