Monday December 6, 2004 From: EDACafe About This Issue Pirated Software November 29 - December 3, 2004 By Dr. Jack Horgan Read business product alliance news and analysis of weekly happenings ADVERTISEMENT Introduction There is an old adage that says “you get what you pay for”. This suggests that anything you get for free can't be worth very much. Today, there is a considerable amount of valuable software that one can get for free or at a nominal fee. This includes a) shareware or freeware available on countless websites b) user group offerings donated by members c) opensource software d) readers/players from authoring tool vendors like RealNetworks, Adobe, and Macromedia as described in last week's editorial e) commercial freebies such as conversion tools from competing databases and f) the ever popular pirated software. Pirated software is software that that the vendor/developer did not intend to be free. Some people see coworkers with “neat” software and rather go through the hassle and time delay to obtain the program through normal company channels, they simply copy it. Some people bring software home from work and vice versa. In some cases people borrow the software with the good intention but little follow through to purchase it later. In some instances managers deliberately decide to save money by installing or making available over a network more copies of a particular program then their firm has legally licensed. In some cases individuals copy software from friends, neighbors, and associates for personal use. Often the source of pirated software is a website or a flea market that offers popular software for a fraction of the commercial price. Other forms of software piracy beyond end-user piracy include counterfeiting where illegal copies of software are made and distributed in packaging that reproduces the manufacturer's packaging, internet auctioning where software is resold in violation of its license agreement, pre-installed software where a computer manufacturer or reseller illegally installs software on multiple machines and the sale of circumvention devices. I recall an incident when I was Applicon, where a prospect ordered 6 seats of software but changed to a single seat at the last minute. A disgruntled (it's always the disgruntled ones) employee informed Applicon that his company had purchased 5 copies of a device to circumvent our security device. IT organizations, particularly in large firms, do not appreciate employees acquiring software outside normal channels. Not only is this illegal but it makes their technical support task more difficult. Using software from unknown sources increases the exposure to viruses and the like. It also increases the number of configurations that must be supported. There are several drawbacks in using pirated software including Lack of documentation Lack of technical support Lack of future fixes and upgrades No warranty protection Greater likelihood that the program will not function properly No access to user training Exposure to substantial legal penalties Potential public and personal embarrassment Further, the lost revenue impacts the developers' capabilities to support and enhance their products and to create and maintain jobs. Society suffers when there is less motivation for innovation. The best example of pirated software in the CAD industry has been AutoCAD. In 1982 Autodesk released AutoCAD at a price of $1,000 running on the newly introduced IBM PC. The product was pirated in droves. This is somewhat ironic because the established CAD vendors like ComputerVision, Applicon and Calma were selling their multiuser systems at over $125,000 a seat. However, the fact that these CAD software modules were tied to proprietary hardware serviced by the vendor's field engineering staff made them difficult to steal. The CAD terminal served in effect as a security block. Since Autodesk had revenues of $300 million in the last quarter, it is clear that the firm has taken steps to protect its intellectual property. In fact they instituted an aggressive campaign to combat software piracy. In a press release dated July 7, 2004 Autodesk announced that it has recovered more than $63 million in North America since its Piracy Prevention Program began in 1989, and $3 million during the last year, from settlements with companies using unauthorized Autodesk software. The company has a webpage that lists recent settlements along with a description of the offenders. Currently ten firms are listed with a total of $725,000 in payments for penalties for unauthorized use and purchase of Autodesk licenses. The payments range from a low of $35,000 to a high of $157,000. There are organizations of software companies that are focused on anti-piracy activities such as educating consumers, lobbying the government concerning copyright related legislation and assisting in civil and criminal prosecution of offenders. The Software & Information Industry Association (SIIA) was formed by the merger of the Software Publishers Association (SPA) and the Information Industry Association (IIA) in 1999. The SIIA is the principal trade association for the software and digital content industry with over 700 members. SIIA provides global services in government relations, business development, corporate education, and intellectual property protection to more than 700 leading software and information companies. Started in the mid-1980s, SIIA's Corporate Anti-Piracy program identifies, investigates, and resolves software piracy cases on behalf of its members. As Internet-based piracy has emerged, SIIA began an extensive program for tackling software pirates operating over the Internet, ensuring that SIIA members receive the maximum protection possible. The pro-active campaign is premised on the notion that one must balance enforcement with education in order to be effective. The organization offers rewards up to $50,000 to individuals who report verifiable corporate end-user piracy cases to its Anti-Piracy team, whether the software is illegally being offered on a website, newsgroup, auction site, P2P network, FTP site, IRC, bulletin board service or elsewhere on the Internet. The Business Software Alliance (BSA) describes itself as the voice of the world's commercial software industry before governments and in the international marketplace. The mission of organization is to build a safe and legal digital world that fosters IT investment, innovation and confidence in our networks. BSA educates consumers on software management and copyright protection, cyber security, trade, e-commerce and other Internet-related issues. Established in 1988, BSA has programs in more than 60 countries worldwide. Worldwide, more than 50 BSA hotlines provide callers with the opportunity to obtain information about software piracy and report suspected incidents of software theft. BSA also works closely with law enforcement agencies around the world to enforce software licensing agreements. The membership of BSA includes the following companies AdobeEntrustMcAfee AppleHPMicrosoft AutodeskIBMRSA AvidIntelSolidworks BentleyISSSybase BorlandIntuitSymantec CadenceMacromediaUGS Cisco SystemsMastercamVeritas Dell Note that 6 out of 27 firms are in the CAD industry. BSA in cooperation with IDC, a leading global market research and forecasting firm in IT, conducted a study of software piracy around the globe. IDC used its proprietary statistics for software and hardware shipments, conducted more than 5,600 interviews in 15 countries to gain a better understanding of the amount of software running on computers and used IDC analysts to review local market. The methodology starts with the number of hardware units. The estimated amount of software actually installed is determined by country surveys. From software vendors one obtains their software revenue and average system value yielding the number of software units legally sold. The difference is the amount pirated. According to this study the piracy rate on a global basis is 36% with a dollar amount of nearly $29 billion. Geographic breakdowns are given in the tables below. Table Top and Bottom Five Countries with regard to software Piracy Rate Table Top Five Countries in Terms of $ Loss Due to Software Piracy Figure 1 Dollars Lost due to Software Piracy and Piracy Rate Note that the Asia Pacific rate is lower than one might expect but this is due to inclusion of Japan and Australia that bring down the average. Since the high-growth regions have higher piracy rates, one can expect the dollar loss to rise. The dollar amount is greater in developed countries because more software is used and prices are higher. Some quarrel with the dollar loss figure. They doubt that everyone who has an illegal copy of a software product would have purchased a legal copy even if a free copy was not available. Further, they argue that some who have illegal copies eventually purchased legal versions. Copyright Law US law says that anyone who purchases a copy of software has the right to load that copy onto a single computer and to make another copy "for archival purposes only" or, in limited circumstances, for "purposes only of maintenance or repair." It is illegal to use that software on more than one computer or to make or distribute copies of that software for any other purpose unless specific permission has been obtained from the software publisher. The Copyright Act allows a copyright owner to recover monetary damages for infringement as defined by the actual damages plus any additional profits of the infringer or statutory damages up to $150,000 for each copyrighted work. The copyright owner may also be awarded costs and attorney's fees, may permanently enjoin the perpetrator from further infringement and enforce destruction or disposition of the infringing works and devices employed to create and or use the illegal copies. Further, the government may prosecute copyright infringers and provides for criminal penalties, including fines of up to $250,000 and/or jail terms of up to five years. The No Electronic Theft (NET) Act is legislation enacted by the US Congress in 1997 to facilitate prosecution of copyright violation on the Internet. The NET Act makes it a federal crime to reproduce, distribute, or share copies of electronic copyrighted works such as songs, movies, games, or software programs, even if the person copying or distributing the material acts without commercial purpose and/or receives no private financial gain. This law was passed as a result of the LaMacchia case. David LaMacchia was an MIT student who set up an electronic bulletin board named Cynosure where people could upload popular software applications and computer games. He transferred these files to a second encrypted address where they could be downloaded by other users. He was indicted for wire fraud. The case was eventually dismissed because he did not receive any financial gain from this operation. In 1998, Congress passed the Digital Millennium Copyright Act (DMCA) prohibiting the circumvention of technological measures that effectively control access to a copyrighted work and the making of or trafficking in a device that circumvents such technological measures. Punishments for the first offense include imprisonment of up to five years and a fine of up to $500,000. Intellectual property protection law and enforcement practices differ greatly from country to country. The lack of protection and lax enforcement are reason often given to be concerned about offshore outsourcing. Internationally, the standards for copyright protection of software are set forth in the Berne Convention for the Protection of Literary and Artistic Works and the WIPO Copyright Treaty. Both agreements are administered by WIPO (the World Intellectual Property Organization) and the TRIPs Agreement, which falls under the auspices of the WTO (World Trade organization). The motivation of those who engage in software piracy as a business is the same as those in other illegal activities, namely money. It can be a very profitable business. The thinking of end users who participate in software piracy is more difficult to understand. People who would never think to walk out of a store with a CD or software without paying seem to have no compunction to copying software illegally. While average individuals may not be aware of the substantial penalties for piracy, it is hard to believe that people are totally oblivious to their wrong doing. This is particularly true when they not only use but also actively distribute their ill gotten goods to others. While one might download pirated songs and movies weekly or even daily, I suspect that individuals pirate software far less frequently. On the other hand, a seat of AutoCAD sells for around $3,000 while a music CD or video DVD sells for under $20. Some people seem ignorant of basic accounting. They confuse the raw material and manufacturing costs of a product with its total cost. In the case of downloading software, movies or music from the Internet they see no cost at all. Hence, no harm, no foul as they say in basketball. There are of course R&D, Marketing, Sales and G&A costs incurred to run the company that produces the original material. In 2001 SIIA and KPMG conducted a survey of 1,000 consumers and 1,000 business users exploring the attitudes of Internet users toward copyrighted material, here materials included paid subscriptions to on-line content. Content can be copied or passwords to the subscription can be shared. The study showed that roughly 30% of both consumers and business users downloaded pirated software. Few of the respondents-less than 10 percent of Consumers and less than 16 percent of Business users-indicate that they have redistributed software that they downloaded. Of those who have redistributed software, most have done so multiple times-60 percent between two and four times. The study found that “In general, most people have at least a moderate belief in the sanctity of copyright laws as they apply to Internet content and software. Overwhelmingly, they indicate that they would not knowingly violate copyright laws. However, there is a shared belief, dominant in some segments, that everyone who uses the Internet eventually violates copyright laws.” This can leads to the justification that “Everyone is doing it”. Some feel that since printed material like a magazine or book can be loaned or given to another, why not electronic content. Of course, only one person has the printed material at any one time. Some people, the study refers to them as “Anarchists”, see copying or sharing software or copyrighted information from the Internet as perfectly reasonable and think that the law should reflect this view. The study shows that a significant percentage of those surveyed are confused about what is legal and what is not. The study also showed a disconnect between expressed attitudes and behaviors. This suggests that educational efforts including by companies and universities whose employees and student use their computer systems would be helpful in discouraging software piracy. Universities have been complaining that their broadband and storage capacity has been usurped by the downloading of music, videos and software. Since software piracy results in considerable lost revenue for software vendors, it is not surprising that there are a number of firms who specialize in anti-piracy or license enforcement mechanisms. Macrovision Corporation, a Delaware corporation founded in 1983, develops digital rights management and software licensing technologies to combat widespread casual digital piracy while offering solutions that enable customers to electronically control the use of digital content and software, and to build significant new revenue models. Macrovision's content protection technologies cover over $130 billion of protected entertainment content worldwide and its FLEXnet universal licensing platform is embedded in over $70 billion of installed software. Over 3,000 software publishers use its products. The company also offers Analog Copy Protection (ACP) to prevent unauthorized analog recording, provides music CD content protection and media management solutions (CDS) that enable consumer flexibility to 'burn' protected CDs and export compressed audio files to portable devices and offers SafeDisc Advanced CopyProtection and Hack Protection solutions fro PC game makers. FLEXnet is the successor to Flexlm which Macrovision obtained through its acquisition of Globetrotter Software, Inc. in a stock swap in August 2000 valued at $947 million. The Globetrotter business became Macrovision's STG division (Software Technologies Group). Using FLEXnet Publisher, licensing terms can either be embedded into a publisher's source code during development or “wrapped” around it post-development. Decisions regarding trial period length, demo copies and upgrade paths are coded into the FLEXnet Publisher Licensing Module, which are then automatically enforced. FLEXnet Publisher also offers strong encryption and security technologies to ensure that software products run only on authorized machines by authorized individuals. FLEXnet Publisher automates the activation and licensing of shipped products, and maintains a log of all such activity. In July 2004, Macrovision acquired leading software company InstallShield, incorporating its leading installation-authoring and update service solution into the company's offering The financial performance of Macrovision is shown in the table below. Table Macrovision Annual Financial Data In the just completed third quarter of 2004 Macrovision had revenues of nearly $49 million a 56 percent increase from the same quarter a year ago. SafeNet, Inc. was founded in 1983 under the name Information Resource Engineering. From the beginning, the company specialized in enterprise network security solutions that use encryption technology to protect private and public computer networks. In 1995, responding to the explosion of the Internet, Information Resource Engineering began developing VPN products under the product brand SafeNet. In the fall of 2000 the company changed its name to SafeNet, Inc. In the beginning of 2002 the company expanded into Europe. In 2003 the firm acquired Cylink Coropration. In 2004 SafeNet acquired Rainbow Technologies. The company is now positioned as a single source vendor for WAN, IPSec VPN, SSL VPN, PKI Deployment, and Digital Rights Management. SafeNet supports more than 5,000 customers, with distribution channels extending across more than 100 countries. On March 15th 2004 SafeNet announced the completion of its acquisition of Rainbow Technologies that had been announced in October 2003. The aggregate purchase price was $412 million. On April 13th SafeNet announced the establishment of a separate Sentinel business unit. At the time Anthony A. Caputo, Chairman, and CEO of SafeNet said "Our mission is to build on Sentinel's position as the leading vendor of software anti-piracy and to be the worldwide leader providing comprehensive solutions for software protection and digital rights management." The Company has two reportable segments. The Embedded Security Division designs and sells a broad range of security products, including silicon chips, accelerator cards, licensed intellectual property and software products to original equipment manufacturers (“OEMs”) that embed them into their own network and wireless products. The Enterprise Security Division sells high-performance security solutions, including software and appliances, to address the needs of the U.S. government, financial institutions and other security-sensitive commercial companies. For the three months ended September 30, 2004, a major U.S. government agency customer of the Enterprise Security Division accounted for 43% of the Company's consolidated revenues. SafeNet expects total revenue for 2004 to be around $215 million with $34 million in the areas of anti-piracy, license management and rights management. SafeNet's Sentinel product line, which includes Sentinel SuperPro hardware keys and Sentinel LM license management software, was created to address the market demand for software protection, digital asset protection and license management. The Sentinel product line was designed to meet the needs of independent software vendors, software consultants, and software engineers, while remaining transparent to end-users. The Sentinel hardware key is a programmable device with multiple proprietary algorithms and on-key read/write memory. Sentinel keys are integrated with a vednor's application when they sell it and the communication between the application and the key can accomplish many functions in addition to allowing program execution. SafeNet claims over 17,000 satisfied customers and over 25,000,000 end-user clients worldwide. Aladdin Knowledge Systems, Ltd. is a leader in digital security, providing solutions for software Digital Rights Management and Internet security since 1985. Serving more than 30,000 customers worldwide, Aladdin products include: eToken, providing cost-effective strong user authentication and password management solutions; the eSafe line of integrated content security solutions, protecting networks against malicious, inappropriate and nonproductive Internet-borne content; and HASP, a Digital Rights Management (DRM) suite of protection and licensing solutions. HASP is a comprehensive solution suite for software publishers' protection and licensing needs. This suite includes: HASP HL hardware-based licensing and software protection system, preventing the unauthorized use of software across multiple platforms (Windows, Mac OS, Linux); HASP DocSeal, a hardware-based system for protection of intellectual property and sensitive information; and HASP SL for software-based licensing, protection and distribution of software via CD, ESD or peer-to-peer. During 2003 Aladdin had total revenue of $54.7 million and net income of $2.7 million. In the third quarter of 2004 the firm had total revenue of $16.9 million and net income of $2.3 million. The newly formed Software Digital Rights Management business unit which combines the firm's software protection, licensing and distribution products, HASP and Privilege, accounted for $12 million in revenue. These software security vendors support various licensing models including Node locked - tied to authorized machines Floating - or concurrent allows a maximum number of users at a given time Name user - locked to a specific person rather than a specific machine Site - all users at a specific location Pack & go - allows licenses to be temporarily detached for laptop or hand-held use. Feature-based - enables vendors to turn specific functionality on or off so they can charge on a feature basis or create new products. Product Bundle - allows vendors to create different versions of licensed products, like "lite", "standard" and "premium" Redundant/Load - allows for fail-over support of mission-critical applications. Balancing Leasing/rental - implements software rental or leasing. Pay-per-use - enables billing on a usage basis (ave number of users, max number of users, hours of usage, ..) Evaluation - allows your user to evaluate an application for programmable variables such as set time period, end date, or number of executions. Time-limited - set to expire at a predetermined time. The end user generally has to call a technical support line to register and activate the software. There are some potential issues with software security. The security device may malfunction, be lost, be stolen or become damaged. Security software on a network is susceptible to network outages and disk crashes. Of course these events seem to always happen on weekends and after hours or when the internal support guy is away. Vendors provide various mechanisms to address these issues. Speaking from experience, when physical devices are distributed for evaluation or demonstration purposes it is always a hassle to get them back. Even field application engineers face challenges when they show up to do a demo on someone else's equipment. Weekly Highlights EDA Electronics Workbench Launches MULTISIM 8 The Most Powerful and Cost Effective Circuit Design and Simulation System Cadence Joins with IBM to Launch Power.org; Design Chain Leaders Collaborate on Reference Flows to Enable Design and Fabrication of Power Architecture-Based SoCs 3Plus1 Technology, AccelChip Inc., Hantro Products, and Synfora Join Open Core Protocol International Partnership Synopsys Posts Financial Results for Fourth Quarter and Full-Year Fiscal 2004 Synopsys Announces Renewal of $500 Million Stock Repurchase Program Zuken's Upgraded Enterprise PCB Design Suite, VISULA, Delivers Greater Productivity Through Improved Routing Automation and New Constraints Manager Azul Implements High-Speed Chip with Cadence Encounter; Cadence Encounter Digital IC Implementation Flow Facilitates Complex SoC Nassda to Be Acquired by Synopsys in All-Cash Transaction at $7.00 Per Share Outstanding Litigation to Be Settled at Closing Dectron Internationale announces licensing agreement with Flomerics Inc. Synopsys Announces Appointment of Jay Greenberg as Senior Vice President of Marketing Accelerated Technology Announces USB On-The-Go Support Now Available for Embedded Developers Using the Nucleus RTOS Sasken Develops Reference Flow Based on Synopsys' Galaxy Design Platform TransEDA Announces Support of Embedded PSL for VHDL, Verilog and Mixed-Language Designs Altium Releases P-CAD 2004; New Advanced Route Tool Significantly Boosts Board Design Soc & IP National Semiconductor Introduces Multi-Gigabit Analog Equalizer With Highest ESD Protection for High-Speed Ethernet, Storage and Telecom WJ Communications Announces Initial Volume Production Order for 12V Power Amplifier Module and OEM Supply Contract; ECM168 Ideally Suited for PAS/PHS Base Station Applications Oxford Semiconductor's Bridge Chips Simplify USB to Serial Connectivity Zarlink Introduces World's Smallest Digital Timing Chip for SONET/SDH Line Cards Datang Expands Its ZSP(R) Cores Licensing Agreement With LSI Logic for Use in 3G Wireless Applications Silterra Demonstrates Functional 0.13-Micron SRAM; Working 8-Megabit SRAM Results from Successful JDP with IMEC Larger-Memory Devices Extend Freescale Semiconductor's MAC7100 Portfolio NewLogic Announces Its 802.11h Solution with Enhanced Radar Detection for Its WiLD WLAN Intellectual Property - IP TriQuint Semiconductor, Inc. Announces Repositioning of its Optoelectronics Business Strategy IBM, Sony, Sony Computer Entertainment Inc. and Toshiba Unveil Cell Processor; First Details of Multicore Chip Comprising Power Architecture and Synergistic Processors Atmel Introduces Highly Integrated Low-IF SiGe-BiCMOS Transceiver IC for 2.4 GHz Digital Cordless Telephones Enabling Operation of Multiple Handsets Potentia Semiconductor - First primary side power management ICs enable integration of primary and secondary side power control schemes Conexant Introduces World's First Family of H.264-Compliant HDTV Semiconductor Solutions; Next-Generation Decoders Significantly Improve Bandwidth Utilization More EDA in the News and More IP & SoC News Upcoming Events...