Printti 1/1985, page 7 https://www.flickr.com/photos/pelittaako/28294616281/in/album-72157671100768716/ --- Crime Is Widespread in the IT World (Original title: Rötöstely rehottaa ATK-maailmassa) Copies, clones, break-ins, snatching... Texts: Harri Hursti, Silja Linko-Lindh, Niko Palosuo and Kari Tuisku Images: Studio Douglas Sivén, Reijo Telaranta and Eero Aulio The IT crime closest to the ordinary home computer hobbyist is copying programs. It's commonly considered as the only kind of piracy, but in reality it's only the nearest head of a many-headed monster, something ordinary. Back in the day they swapped paper scraps in schoolyards, but these days floppy cases made of plastic or cardboard. In Finland games are the most common items, but worldwide it's MikroPro's WordStar, an editor and word processor. Copying games appears to be an endless rat race. Aging limits games' lucrative time in the market, meaning that companies have to make their profits as quickly as possible. They ramp the prices above the customers' comfort zone and thus create a fertile ground for copying. Copies spread fast and the rat race is ready: small demand -- high price. Copying WordStar is, likewise, motivated by the price, need, lack of competitors and the access to manuals. The Law Lags Behind The law hasn't been able to keep up with quickly spreading piracy anywhere. As a first measure, they have tried to apply old laws concerning audio and video records, which haven't been able to keep up with the times, either. There is no all-encompassing software copyright legislation anywhere, and even within a country the laws are interpreted differently. Filing for a patent doesn't protect software either. In Finland there is great pressure to stop illegal copying of programs. You can spot ads for copies on shops' bulletin boards and magazines' marketplaces, which are practically starting to look like "swapping-relaying-stealing" departments. They're only founding an anti-piracy federation in Finland now, and there are no resolutions from court cases yet. Police reports have, however, been filed and some importers are actively hunting down pirates on magazines. They even offer rewards if you rat on your friends. Not Just Programs Games that have been hurt by copying have been joined by copied hardware. These days the pirate paradise is Taiwan, where you can purchase anything related to micros for a fraction of the original price. Last year a device that was waiting to be released worldwide was copied before it got to the market. Must be a prime example of cloning. The unreliability of local traders hinders Taiwanese trade. There are problems with availability, functionality and repairs afterwards. Most legal importers don't repair clones or genuine products purchased from abroad. Grey "Eminences" The most popular microcomputers' sales are hurt by so-called gray importing, that is commercially importing machines past the official importer. They've tried blocking repairs, but these days gray importers offer half a year warranty, which counters this measure. Gray imports drive official devices' prices down indirectly. The Commodore 64, hit by gray imports, nominally costs 2995 marks today with half a year warranty. It's hard to find a store selling it at that price, though. Even the store owned by the official importer has started participating in the price war and sells the device at 2300 marks. In Helsinki and Turku many shops sell it for 1995 marks. With Money and by Spying The Apple II and IBM PC have suffered the most from clones and "compatibles". But they do that on larger machines, too: the SM-4 known in Finland is apparently the only PDP-11 clone produced in the Soviet Union. It's almost impossible to stop micro cloning. You just have to try to stop early cloning, so that the clones don't reach the market before the original. You can do that only by curbing industrial espionage and covering the chips. On many machines the chips have been protected by encoding them with a non-standard propietary code to stop cloning. However, they don't always do that because of the costs. Carelessness Backfires When people talk about IT crimes, they typically think of a wild kid under 18. In reality, a lot of IT "crime" can be attributed to human mistakes. People make mistakes when typing, but they quickly get fed up with the confirmations required by the computer, such as "was it correct (y/n)?". Without thinking much further, they just press "y". Crooks are helped by ignorant IT workers who carelessly answer their computer-crazy kids' and their friends' question "what do you first type into the terminal when you start work?" Properly planned IT crimes, such as money transfers, offer you two options. Either you hit the jackpot and leave the country or siphon the money little by little. In one classic IT crime the crook apparently transferred rounded pennies to his own bank account to fatten it. When It Doesn't Matter At the moment, most Finnish break-ins follow from carelessness exploited by "insiders". Security is often neglected. The passwords are easy and unimaginative. You go with your social security number, your own, your wife's, kid's or pet's name, or accept something like "system", "password", the name of the machine or such. You don't bother to remember the password, but scribble it on a piece of paper and tape it on the computer for all the workers to see. To not bother anyone, the password is changed not every two weeks but every year. You Can also Get Caught In any case, the risk of getting caught for IT crime is relatively high. Software inspects other software on many layers, there are regular checkup calculations. When something turns up, the list of potential suspects is usually quite short. Modem users have got far in the US and Sweden. In Finland, however, the situation isn't as serious as abroad: modems are only becoming common, there are plenty of legal and open systems available, and we've learnt from others' mistakes, the protection level is high. Furthermore, it's good to remember that, for instance, the American break-ins have been relatively harmless explorations and only minimal nuisance to the system admins. The Networks Leak In contrast, the American local and wide area networks are a squeeze where they've made miracles. Most of the break-ins have taken place on the Arpanet, which covers almost the whole continent. It connects university computers, companies, individuals and even the Pentagon. Because many users have accounts on multiple computers, even one leaked account can be the key to a large system. You can spend time there without causing trouble. If there's too much trouble, it will be stopped. It's an expensive operation, but possible, because in the US it's easier to trace a phone call than in Finland. Local, for example building-wide networks, are convenient for small entrepreneurs who are facing trouble. In some networks the terminal is authenticated based on its id only. By changing the id, you can pose as another. If there's multiple companies on the same network, you can access your neighbor's bookkeeping, billing, planning and whatever they did using computers. Winds of Change At the moment there's money in sofware and hardware copying. The pessimists, however, promise that soon there will be "proper crime" -- harware and software have a lifespan of 3-4 years and also the criminal will need to look ahead. Concurrently, even better protection schemes are being developed. Access control has started appearing even in small companies, and external lines are better protected. It's only a question of who's smarter: the crook or the guardian. --- Page 8, https://www.flickr.com/photos/pelittaako/28373339255/in/album-72157671100768716/ Pirate Ahoy! (Original title: Piraatti ohoi) A young man steps into a store. There's a group of youngsters and also a couple of older people around the computers. The man looks ordinary, just like one of us. He casually approaches the computer and starts to chat with others in a friendly manner. - These games surely are expensive. They should be much cheaper, don't you agree? - True. - Do you have a Commodore 64 or some other computer? - Yes, a Commodore 64. - Yepp, do you have a lot of software, too? - Not that much, but some. - Would you like to buy a couple of games really cheap? - Why not? How much for that Pole Position? - You can get it if you give me an empty floppy. - Ok. Should we go to your place to copy? Maybe we can strike a deal on some other games as well? A software pirate approaches other hobbyists as simply as this. The pirate earns pure money, although at times in a different form, by just pressing a couple of buttons so that bits flow from a floppy to another. When you get illegal copies once, it's easy to continue with the crime. Different ads on magazines are often about selling illegal copies. If somebody bothers to sue them, they discover that the program has passed through many hands. It's illegal to swap programs with your friends even if money isn't involved. There's also international swapping by mail. It's hard to estimate the numbers, as there's so much unregulated swapping going on. --- An Intruder Online (Original title: Murtomies langalla) All devices turned on, the intruder picks up the receiver. He calls a number where he knows a computer will answer. When he hears the beeps, he presses the data button and text starts appearing on the screen. - First it will ask for the type of the terminal, he thinks. Indeed, that's what happens. He happily answers by just pressing return and the computer asks for the username. The intruder types in Ronald Reagan, as he doesn't want to go with his real name. The machine says that there's no such user and asks for the name again. Knowing that his friend is on the system, he types in the name of the friend. The machine requests a password. The intruder tries the first name. No luck. He tries a couple of other passwords. After the third attempt, the machine bluntly severs the connection and writes "disconnected". - I won't give up this easily, thinks the intruder. He calls again and does the same but with different passwords. This time he gets lucky. The password is the user's phone number. The computer at the other end of the line displays him all the available functionality. The intruder chooses mail. The machine prompts for the username again. - I guess it's still the same as initially. No it isn't, answers the computer and disconnects again. The data led on the modem fades as the carrier wave disappears. Now the intruder bypasses the login and starts guessing passwords with a program he made, which walks through all possible passwords in an alphabetical order. The guesswork yields two passwords more. Now he got further than before. The intruder tries to crash the system to maintenance mode by sending it random useless characters. The machine says "ready" after receiving a couple of weird characters. Apparently the computer doesn't recognize the characters and stops. Now the intruder can format the floppies or do something otherwise destructive. But because he got the phone number from his friend, he leaves the system be. Instead, he starts the system software again so that nobody would notice his adventure. The intruder knows that now he can crash the system anytime he wants. --- Image caption, bottom right: Software piracy is so competitive these days that they've even started signing their works. A declaration like in the picture above, "cracked by", is starting to be a common sight on copies. The perpetrators carefully hide behind various pseudonyms, even though showing your real name isn't too uncommon either. In contrast, examples like the one on the right are exceptions in software production. It's much more common to forbid copying and unauthorized distribution than to allow copying in a friendly manner by telling to "copy me for your friends". --- Page 9, https://www.flickr.com/photos/pelittaako/27757545823/in/album-72157671100768716/ Nothing and Nobody Offers Protection Your Program, too, Can Get Copied (Original title: Sinunkin ohjelmasi voi päätyä kopioksi) A unique piece of work which, unfortunately, is hard to protect. You can't get it patented and the copyright law limps. Those who copy don't much consider how piracy exploits the original creator. Microcomputer hobbyists get increasingly interested in creating their own programs as computer manufacturers produce good devices. They spark interest in tinkering in BASIC or other languages instead of playing. Because of this kind of positive development, there is a danger that some bit wizard eventually creates quality software. It might be so good that they get the idea of spreading the fruit of the labor into wider use. Naturally, the first decision to make is whether you try to sell your program yourself or leave the task for an interested software house. At this point, the latest, you face the question: "Who ensures that my idea won't be stolen?" The topic has been under consideration for quite a while already, but the situation remains unsolved. Big software houses suffer the most because of it. In their case the losses may reach millions, when small pirate enterprises all around the world make and market illegal copies professionally. In the case of the hobbyist the losses will, of course, be relatively small, but they may still diminish potential profits considerably. When considering the options, the first protection mechanisms that come to mind are patenting or registering. However, according to the officials those means are not available for programs or any other creations either. The only protection comes from the copyright law, which facilitates sentencing pirates. The IT industry is still new, the legal processes unclear and, thus, even the law doesn't guarantee a fair outcome in software crime cases. Who Guards the Rights? In addition, it is very hard for a single jolly hobbyist to guard their software. Let's assume that someone copies or even buys a program here in Finland and sends it across, for instance, the pond. There they set up a small company which claims to have created the program and makes money out of it. The victim will probably live happily until the end of his days without ever even hearing about it. A much more reliable way is to get one's production sold by a software house, preferably a well-known one. It's often difficult, unless the program is really excellent. Disagreements concerning the compensation may also arise. Both marketing methods have their pros and cons. The best advice these, still somewhat wild days is to implement as good copy protection as realistically possible. Good command of the operating system helps with that. On the other hand, the computer criminal has access to the same information and, therefore, it's impossible to implement copy protection that couldn't be overcome. It is, however, possible to erect a gate strong enough to make even the most aspiring intruder worry. When you consider the protection problem from the author's angle, piracy gains a new dimension, "how would you feel about it yourself?". For instance, when copying a good game, you could consider for a while that it's taken a lot of effort to create it earlier. When you copy illegally, the author will not receive their rightful compensation. It wouldn't be nice to be in his shoes -- you might face the same situation yoursef, if you get a good idea for a program.