An Open Letter on the Consequences of Using Cracked Software
(as posted to the DAW-MAC mailing list 22 November 2010)
There have been some very impassioned opinions elicited in response to
the November 2010 IMSTA Bulletin covering the impact of piracy on the pro
IMSTA has previously talked about the financial impact of piracy on the
software companies and the layoffs that occur as a result. Today, we will
focus on the impact of a specific act of piracy [the cracking on the
software wrapper of the popular iLok hardware copy protection system] on a
small plug-in manufacturer and its customers.
The company we are talking about is McDSP. We had heard about tough times
at McDSP resulting from all their software being available after the iLok
was hacked. In the telephone conversation with Colin McDowell, founder and
CEO of McDSP, Colin told us that since the iLok incident earlier this year,
McDSP has not been able to focus on product development. Instead, they had
to spend countless hours and dollars on trying to find new strategies to
protect their products. "We've had to spend significant engineering
resources on trying to solve the present piracy issue instead of devoting
our efforts to new platforms and products," says Colin. In fact, a product
that was ready to be released by McDSP in April had to be put on hold until
a solution could be found. This also includes the upgrades that would!
have been available to their paying customers.
Due to piracy, McDSP's legitimate customers currently can obtain no
upgrades to their products until the company has resolved the protection
issue. Furthermore, McDSP has been providing free upgrades to its
customers for over 10 years. This lifetime free-upgrades policy will no
longer be possible since the company cannot afford to provide the next
upgrade free. This is due to the costs associated with the re-engineering
of a product, which was ready to be released a long time ago. Colin says,
"the biggest hit is to the customers - folks waiting for updates, new
features, bug fixes, new products, or in our case, an entirely new product
line (AU versions) for a new huge base of customers - it is not a good
situation. Most of these folks have been mighty patient while McDSP (and
many other companies) work like! crazy to be able to securely release
McDowell adds a final statement of fact that everyone who enjoys
McDSP products should ponder: "Companies like McDSP will seek out different
markets if we are no longer able to securely distribute product in the
For those who think that piracy is a victimless crime, think again. Think
about the software engineers who were laid off because of the iLok
incident. Think of their families who lost a source of income. You know
piracy is wrong. Do the right thing, 'buy the software you use'.
As someone with a bit of an "inside view", there a couple
things I would like to share.
First off, I am not a copy protection apologist -- I have been
openly critical of onerous protection schemes and the tendency of companies
to overestimate the lost revenue while underestimating the cost, both
direct (engineering) and indirect (customer support, ill will). I have
voiced those concerns in open forums, behind the scenes at audio companies,
and directly to copy protection providers such as PACE many times over the
last 16 years.
But the original article dealt with the specific case of the events
of this summer, and the devastating impact on small plug-in companies.
As a contract developer who works with many different companies to
bring plug-ins to market, I have an inside view of what happened and what
the actual effects are. Here are a few things to think about:
- What happened this summer was dramatically different from past
cracks. Previous attacks generally made individual products freely
available but left others protected. This time -- with a few exceptions --
every plug-in and any as-yet unreleased plug-ins, from every manufacturer
that uses PACE, were effectively free for the taking.
- Developers are not "crying over mythical lost sales". The month
after these cracking tools became available, sales fell off a cliff. New
products may sell or not depending on a wide range of factors, but existing
products have a fairly predictable and consistent revenue stream. Those
revenues fell precipitously for every plug-in company impacted by the
- There was no short-term fix. Unlike past incidents where
companies could move on with new releases using protection that patched the
security hole, there was no readily available fix. Only now, many months
later, is there a suitable alternative.
And here is the point of the article:
- Large companies can weather events like this; small ones can't.
While a few plug-in companies are behemoths like Waves, many are small
shops with handful or fewer employees. Having revenue drop to near zero
for six months is a death blow for them. I know of one company virtually
certain to close shop due to this, and several that are hurting very badly.
- Many products that could have been, weren't. I have direct
knowledge, just in my corner of the plug-in world, of several companies who
pulled projects out of development at the last minute because of the
cracks. There are some very cool things that could have been solving your
problems and offering new sonic possibilities -- but are now shelved
I don't like copy protection. But the reality is this: good products
require money to develop. College students (and maybe trust fund babies or
dot-com lottery winners) may code for "Chinese food and RAM and an
occasional new preamp" but experienced programmers have families and
mortgages; modeling expensive gear means buying expensive gear; producing
more complex, more sophisticated products requires more time and effort
going into each product. Hiring a Bulgarian college student to develop the
next great thing in exchange for General Tso's chicken and a Mike-E doesn't
produce solid, professional, state-of-the-art products.
The general state of the economy coupled with the chaotic disintegration of
the music marketplace has made times challenging for everyone. It has made
the "well, I can't afford it right now so I'll use the pirated version...
but I'll buy it for real later" justification intoxicatingly tempting for
many. Unfortunately, the reality is that there is a tipping point: when
too many people go that route, the viability of small innovative developers
disappears, and it is exactly on that precipice we currently find
I do hope that the article and ensuing discussion has at least made
a few folks pause before either using pirated software themselves or
turning a blind eye to it. This isn't developers saying "woe is me, I
can't afford a Ferrari for my summer house". This is folks saying: "Users
have stopped paying for plug-ins, and people have lost their jobs." It
isn't hyperbole or fear-mongering or propaganda... it's an unpleasant
And if anyone truly believes plug-ins without any form of copy-protection
at all can recoup their development cost, I invite you to put your money
where your mouth is. I'd be happy to discuss financing/partnership deals
on several projects I have sitting on the shelf.
Cool Stuff Labs, Incorporated