Software Piracy / Copyright Infringement / AUP Violation / TOS Violation
Someone within your network is infringing Visualware's copyright and other intellectual property rights by actively running a "cracked" version of our product.
1. Background Information
2. Tips for Tracking Down the Person Responsible
3. Interpreting the Log Information
4. DMCA (Digital Millennium Copyright Act) Notification Information (if applicable)
IMPORTANT: Read this entire web page before investigating the software piracy attempt -- It contains important tips for finding the individual responsible.
The unauthorized duplication of software constitutes copyright infringement regardless of whether it is done for sale, for free distribution, or for the copier's own use. Moreover, copiers are liable for the resulting copyright infringement whether or not they knew their conduct violated applicable law. Penalties include liability for damages suffered by the copyright owner plus any profits of the infringing party that are attributable to the copying, or statutory damages of up to $100,000 for each work infringed, among other potential remedies. The unauthorized duplication of software is also a federal crime if done "willfully and for purposes of commercial advantage or private financial gain (Title 18 Section 2319(b))." Criminal penalties include fines of up to $250,000 and prison terms of up to 5 years.
1. Background Information
Background: Visualware software products are available for a 15-day trial. Namely, try before you buy. However, the product must be activated via a valid license key in order to use the product past the trial period. Hacker groups produce "cracked" versions of our software products, which bypassed the need for a license key.
The Issue: We have detected someone within your network actively running a "cracked" version of our software product.
Software Piracy: Installing and using software that has been specially modified to bypass the license key mechanism in the software is prohibited and a violation of US Copyright law and International treaty. In addition, running "cracked" software is theft of intellectual property (software piracy), a Federal criminal act under copyright law.
AUP (Acceptable Use Policy) or TOS (Terms of Service) Violation: All ISP's and network providers publish an AUP or TOS, and most explicitly state that copyright or intellectual property violations may result in discipline or termination of service. Using a "cracked" version of software is a violation of those agreements.
If you have any technical questions about any of the information contained here, contact Visualware's CTO, Jerry Jongerius, at jerry.jongerius@visualware.com.
2. Tips for Tracking Down the Person Responsible
Please follow these steps when attempting to track down the person responsible (order is important):
A) Find the computer: Use the log information provided and the Interpreting the Log Information section below to find the computer that was used.
If the IP address in the log indicates a single computer (instead of a proxy server), but none of the other log information (computer name, ethernet mac, etc) matches the computer belonging to that IP address, you can be almost certain that a hacker has compromised the computer system in question and is using the computer as an HTTP relay/proxy.
B) Find the individual: Use the date/time log information to discover the one individual that was using the computer at the time the software piracy took place. This is especially important if multiple individuals use the computer, and can also be important to eliminate the excuse "someone else must have been using my computer" once the software piracy is discussed.
c) Discuss the Software Piracy: Discuss with the individual why they are running "cracked" software on their computer.
3. Interpreting the Log Information
When a "cracked" version of our software is run, an audit record is produced on our license management server. An audit record similar to the following is produced:
ip address: 128.138.39.XX [strnXX-XX-dhcp.resnet.colorado.edu]
proxy info: for=192.168.2.187|via=1.0 whale:3128 (squid/2.5.STABLE1)
date/time: 2002/10/08 22:27:19 EST
ethernet mac: 00E018190757
user name: Sutha XXXXXuphong
computer name: blueXXXXX
license key: NONE - CRACKED VERSION
product: VisualRoute (build 1819)
|
A single piece of information may not be enough to track back the software piracy to a computer/person. However, with enough pieces of information, tracking down the computer used and individual using the computer is very likely:
ip address: The IP Address of the computer used (as seen by our central license key management server). Confirmed to be valid (non spoofed).
TIP: If NAT (Network Address Translation) is enabled within your network (or a proxy server is used), this IP address will be the IP address of your NAT box (or proxy server), in which case you must use other information below to identify the computer used.
local ip address: An optional field, that if present, is an ip address discovered to be used on the local computer. Very helpful if the ip address above is a proxy or NAT server.
proxy info: An optional field, that if present, may indicate that the 'ip address' is really just a proxy server. The information in this audit field may then be used to help identify the true individual using the proxy server.
Piracy reports after Dec 13, 2002 may have this field.
date/time: The exact date and time that the "cracked" software was run, as recorded by our central license management server (synchronized; so within one second of real time):
TIP: Find out who was using the computer (as indicated by the other log entries) in question at this exact time before questioning people about the software piracy. The person at the computer at the date/time is the person responsible for the software piracy.
ethernet mac: The unique serial number (in hex) assigned to an ethernet network card being used inside the computer (OUI Search). It is all zeros if the ethernet mac address is unknown. To confirm, go to the computer, and run the "ipconfig /all" command within a DOS command prompt window. You will see the ethernet mac address (Physical Address) with dashes, similar to:
Physical Address. . . . . . : 00-E0-18-19-07-57
|
user name: The network 'user name' specified when the user signed onto the computer system.
TIP: The user name entered when the computer was logged in, most often the person using the computer. However, if other people use the computer after it is logged in, the date/time must be used to find the one person of many using the computer.
computer name: This is either the TCP/IP host name given to the computer, or if no host name is specified, the name given to the computer.
TIP: The TCP/IP host name is normally found in the TCP/IP configuration under the DNS configuration tab. The name of the computer is normally found under the Identification section of the 'Network Neighborhood'.
license key: The product license key that was used during the software piracy.
product: The product name (with optional build number) that was used during the piracy attempt.
4. Digital Millennium Copyright Act (DMCA) Notification Information (if applicable)
If "17 USC 512(c)(3) - Elements of Notification" applies to a particular infringement, this section is meant to satisfy DMCA notification requirements. Otherwise, please skip this section.
(i) A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
Hank Harris, Visualware CEO, is authorized by Visualware, the copyright owner, to act on its behalf. Signed by Hank Harris (Visualware CEO)
/Hank Harris/
(ii) Identification of the copyrighted work claimed to have been infringed, or, if multiple copyrighted works at a single online site are covered by a single notification, a representative list of such works at that site.
The specific copyrighted work (product) being infringed is stated in the email or letter received. It is one of the following: VisualRoute, VisualPulse, DesktopProfile, eMailTrackerPro, VisualLookout, VisualResponse, or VisualProfile.
(iii) Identification of the material that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit the service provider to locate the material.
The specific material (product) being infringed is stated in the email or letter received. It is one of the following: VisualRoute, VisualPulse, DesktopProfile, eMailTrackerPro, VisualLookout, VisualResponse, or VisualProfile. The log information provided will allow a computer, and many times an individual, to be tracked down.
(iv) Information reasonably sufficient to permit the service provider to contact the complaining party, such as an address, telephone number, and, if available, an electronic mail address at which the complaining party may be contacted.
Visualware Inc.
PO Box 668
Turlock, CA 95381-0668
1-209-668-3673 (9am-5pm PST only)
(v) A statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.
We have identified the software being run by the individual in question to be a "cracked" version of our software.
(vi) A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
To the best of our knowledge, the log information captured by our license key management server, and provided to you, is accurate. Primary consideration must be given the to ip address. Secondary consideration must be given to the information collected from that ip address, as it is possible that a hacker has compromised the computer system in question and is using it as an HTTP relay/proxy. Furthermore, under penalty of perjury, we claim we are authorized to act on behalf of Visualware, the copyright owner.
|
