Ethics of warez

I was reading a discussion over at Slashdot about a guy who got busted distributing warez and has agreed to a Slashdot interview. I found the discussion and some of the questions fascinating from an ethical perspective, and I'm curious to hear what the AO community thinks about some of the points raised.

Given the field that we're all interested in, I think it's safe to say that most of us have a checkered past of some sort or have done things that didn't fall just exactly on the right side of the law. Kind of like that line from Beverly Hills Cop - "I wasn't always a cop, you know." I probably shouldn't confess to it in a public forum, but I've downloaded the odd shareware serial number or warez release of Photoshop - or whatever - in the past, but I don't these days because I don't touch anything but Linux now, and it's kind of hard to pirate free software. :)

The thing that really got my attention was this comment:

Quote:

---

People like to look down on cracking (of software and computers) as being evil or juvenile once they're a sysadmin/security analyst. While I'm not going to call them wrong, I suspect that a very large number of the more knowledgeable sysadmins, system coders, and whatnot out there, have at one time or another spent some time freeriding, and learned one or two technical skills in a not-so-legitimate manner. I don't think I've talked to a UNIX guy (and I'm talking about serious sorts, not the type churned out with an IS degree and little idea what they're doing) yet who's talked about this and said "No, I've never pirated software/cracked software/broken into someone's server". I spent a lot of time cracking software back in the day. Never distributed it, and it did eat up a lot of time. However, I'm now happily using the skills that started there to do systems work. Poking at people's servers, in the same vein, breeds better security types.

---

Do you think having a background in warez and cracking makes us better security/admin types as the comment suggests, and if so, does that mean there's a hidden value in the warez trade? More to the point, does the software industry owe a debt to the warez pirates for giving people like us the skills to become white hats? And if so, what's the way out of this catch-22?

In a nutshell..... do you have to be a bad guy first before you can be a good guy?

I'm curious to hear what people think on this......

Well, I can barely turn on a computer. I know about firewalls and popup killers. That's why I'm here. Looking at it from the standpoint of a nearly technological illiterate, I can't see how knowing about cracking can be anything but helpful. I wish I had the know how to learn it.

Having the skill and operating a warez site are two different things. I'm not in favor of cracking software then distributing that software over the net or privately.

Have I ever downloaded from one of those sites. No. I've been to them and within five minutes of finding the last one, my firewall was hit three times -- one from Greece and two from somebody in Spain. None got through and I haven't been back to any warez sites since. If I was interested, and I admit to being curious what was offered, those attacks cured me.

IMHO, having a background in warez and cracking is beneficial only when one has actually done the cracking work. Just downloading a serial number or an already cracked program teaches you nothing. If you actually do the coding work, find the exploit, etc. then you are learning something whicih may be of use.

That being said, using pirated software to learn stuff is sometimes necessary. Take the design industry for example. Design companies often require experience and proficiency in packages by Adobe and Macromedia, which cost hundreds of dollars. What kid growing up can afford to purchase those packages just to learn the software? Or to find out if he/she has an interest in/talent for design? And not every school has classes available to learn those packages under educational licences.

I have thought often about the 'catch-22' of software piracy vs the need for proficient users/experts. There is not really a solution that will be acceptable to all parties. The software companies that produce these products will never allow piracy to the point that they would go out of business before voluntarily giving their software away. And no kid/newbie is going to indebt him/herself just to get the software that they can easily find elsewhere for free.

Quote:

---

What kid growing up can afford to purchase those packages just to learn the software? Or to find out if he/she has an interest in/talent for design?

---

That's the theory behind student discounts. But as it relates to warez, I remember years ago when SCO released its high-end Unix operating system free for personal/non-commercial use. They had a whole web page devoted to the question of why they would choose to give away such an expensive piece of software for free, and the answer basically was that the people they were giving it to couldn't afford to buy it anyway. There weren't any sales there to lose, so why not?

Does anybody buy that argument for expensive applications like Photoshop and Office that are, ostensibly, some of the most commonly pirated applications? That is to say that it doesn't really hurt the vendor at all because the people downloading aren't going to pay that much for it no matter what?

How do you warez hardware?

A really thick phoneline

…it’s a survival trait.

If you don’t come from a family with a decent income and you don’t use warez like office, photoshop and all the others. Your not even in the ball game. Without warez this culture would almost be a cast system, only those already making money could afford to buy the new software and learn to use it well.

If you have the money and download warez that’s a whole different story, but a guys gotta do, what a guys gotta do

Quote:

---

Originally posted here by Noble Hamlet II
How do you warez hardware?

---

One example comes to mind...the USR 33.6 voice modem that was upgradable to 56k via flashing the modem. That *could* be considered hardware warez in a very loose sense.

In boarder terms...

Why don't use ask Kevin Poulsen who now writes for securityfocus if hacking enhanced his career any.

I have difernt views on cracking and warez. I once got into the subject of cracking, I downloaded hex editors, tutorials and other tools. I would folow step by step instructions.

I thought I was cool, till I learned my first language, C. I started to realize the amount of work programers put into makeing software. Though haveing a cracking background gives me a new perspective while trying to make "hard to crack" software.

Then I finaly was able to create a Win32 application useing the Win API, I opened it up with a hex editor to see if I could make changes to it in assemby, It sure gave me a new view on things.

I have matured much since then, I was baned from a BBS, And gradualy I became mature

However cracking software is something definately all software developers need to practice so that they can protect against such loss. Programers need to eat to and thats what changed my view.

Very well said aj. I think that it is a good thing to know how to hack/crack, especially in the field in which we work - Network Security. This includes software security. What better way to know how to code a secure program than to have been able to crack software at some point. No, I am not a cracker. However, there are some things I know now that I would not have known if it weren't for them. So for that, I am appreciative. I was in the same boat with those that could not afford to buy the expensive software, but now, I can afford to contribute to the profit of a Software Engineer working hard at a program. We all reap the benefits in some way, even if it is just knowing that it has been done and ways to prevent things like buffer overflows/stack overflows and such. You know, this makes me think about the Police here. In the city, they hire ex-cons as cops. Why? I don't know for sure. But I can tell you this, I have been told by numerous cops (when they were trying to get me to join the force) that you have to think like a criminal to catch a criminal. Now, I don't mean that cops should be criminals, but I am saying that those that have a less-than-perfect background do have somewhat of an upper hand, especially in major cities across the nation. It's essentially the same concept These guys are able to do their jobs better - they know the territory.

aj, how many programmers do you know who don't use a single piece of pirated software on their home PCs. I can safely say that I know none. I don't really think using pirated software at home is too much of a threat to the programmers who make the software (except in the case of games and other such stuff that's used only at home). It's when companies start to use warez that the programmers are really hard hit. Nuff said.
Cheers,
cgkanchi

Quote:

---

If you don’t come from a family with a decent income and you don’t use warez like office, photoshop and all the others. Your not even in the ball game. Without warez this culture would almost be a cast system, only those already making money could afford to buy the new software and learn to use it well.

---

I completly agree with this. On one hand I certainly don't advocate stealing. But on the other hand I don't think that people should be forced to pay outragous amounts of money for software that isn't worth that much. Example: windows xp. I am told that this os cost around $150+ for the professional version.
Is an os that will crash while viewing a web page worth that much? Especally while there are perfectly free alternatives that will do a hell of a lot better.
While people can think what they will about warez, all i have to say is that i don't think it is anywhere near ethical for people to be forced to line Bill Gates' pockets with money just so that they can use a computer that was bought withen the last year or so.
You be the judge.