An Open Letter on the Consequences of Using Cracked Software

There have been some very impassioned opinions elicited in response to the November 2010 IMSTA Bulletin covering the impact of piracy on the pro audio industry:

IMSTA has previously talked about the financial impact of piracy on the software companies and the layoffs that occur as a result. Today, we will focus on the impact of a specific act of piracy [the cracking on the software wrapper of the popular iLok hardware copy protection system] on a small plug-in manufacturer and its customers.

The company we are talking about is McDSP. We had heard about tough times at McDSP resulting from all their software being available after the iLok was hacked. In the telephone conversation with Colin McDowell, founder and CEO of McDSP, Colin told us that since the iLok incident earlier this year, McDSP has not been able to focus on product development. Instead, they had to spend countless hours and dollars on trying to find new strategies to protect their products. "We've had to spend significant engineering resources on trying to solve the present piracy issue instead of devoting our efforts to new platforms and products," says Colin. In fact, a product that was ready to be released by McDSP in April had to be put on hold until a solution could be found. This also includes the upgrades that would! have been available to their paying customers.

Due to piracy, McDSP's legitimate customers currently can obtain no upgrades to their products until the company has resolved the protection issue. Furthermore, McDSP has been providing free upgrades to its customers for over 10 years. This lifetime free-upgrades policy will no longer be possible since the company cannot afford to provide the next upgrade free. This is due to the costs associated with the re-engineering of a product, which was ready to be released a long time ago. Colin says, "the biggest hit is to the customers - folks waiting for updates, new features, bug fixes, new products, or in our case, an entirely new product line (AU versions) for a new huge base of customers - it is not a good situation. Most of these folks have been mighty patient while McDSP (and many other companies) work like! crazy to be able to securely release software again."

McDowell adds a final statement of fact that everyone who enjoys McDSP products should ponder: "Companies like McDSP will seek out different markets if we are no longer able to securely distribute product in the pro-audio space."

For those who think that piracy is a victimless crime, think again. Think about the software engineers who were laid off because of the iLok incident. Think of their families who lost a source of income. You know piracy is wrong. Do the right thing, 'buy the software you use'.

As someone with a bit of an "inside view", there a couple things I would like to share.

First off, I am not a copy protection apologist -- I have been openly critical of onerous protection schemes and the tendency of companies to overestimate the lost revenue while underestimating the cost, both direct (engineering) and indirect (customer support, ill will). I have voiced those concerns in open forums, behind the scenes at audio companies, and directly to copy protection providers such as PACE many times over the last 16 years.

But the original article dealt with the specific case of the events of this summer, and the devastating impact on small plug-in companies.

As a contract developer who works with many different companies to bring plug-ins to market, I have an inside view of what happened and what the actual effects are. Here are a few things to think about:

- What happened this summer was dramatically different from past cracks. Previous attacks generally made individual products freely available but left others protected. This time -- with a few exceptions -- every plug-in and any as-yet unreleased plug-ins, from every manufacturer that uses PACE, were effectively free for the taking.

- Developers are not "crying over mythical lost sales". The month after these cracking tools became available, sales fell off a cliff. New products may sell or not depending on a wide range of factors, but existing products have a fairly predictable and consistent revenue stream. Those revenues fell precipitously for every plug-in company impacted by the crack.

- There was no short-term fix. Unlike past incidents where companies could move on with new releases using protection that patched the security hole, there was no readily available fix. Only now, many months later, is there a suitable alternative.

And here is the point of the article:

- Large companies can weather events like this; small ones can't. While a few plug-in companies are behemoths like Waves, many are small shops with handful or fewer employees. Having revenue drop to near zero for six months is a death blow for them. I know of one company virtually certain to close shop due to this, and several that are hurting very badly.

- Many products that could have been, weren't. I have direct knowledge, just in my corner of the plug-in world, of several companies who pulled projects out of development at the last minute because of the cracks. There are some very cool things that could have been solving your problems and offering new sonic possibilities -- but are now shelved indefinitely.

I don't like copy protection. But the reality is this: good products require money to develop. College students (and maybe trust fund babies or dot-com lottery winners) may code for "Chinese food and RAM and an occasional new preamp" but experienced programmers have families and mortgages; modeling expensive gear means buying expensive gear; producing more complex, more sophisticated products requires more time and effort going into each product. Hiring a Bulgarian college student to develop the next great thing in exchange for General Tso's chicken and a Mike-E doesn't produce solid, professional, state-of-the-art products.

The general state of the economy coupled with the chaotic disintegration of the music marketplace has made times challenging for everyone. It has made the "well, I can't afford it right now so I'll use the pirated version... but I'll buy it for real later" justification intoxicatingly tempting for many. Unfortunately, the reality is that there is a tipping point: when too many people go that route, the viability of small innovative developers disappears, and it is exactly on that precipice we currently find ourselves.

I do hope that the article and ensuing discussion has at least made a few folks pause before either using pirated software themselves or turning a blind eye to it. This isn't developers saying "woe is me, I can't afford a Ferrari for my summer house". This is folks saying: "Users have stopped paying for plug-ins, and people have lost their jobs." It isn't hyperbole or fear-mongering or propaganda... it's an unpleasant fact.

And if anyone truly believes plug-ins without any form of copy-protection at all can recoup their development cost, I invite you to put your money where your mouth is. I'd be happy to discuss financing/partnership deals on several projects I have sitting on the shelf.

Frank Filipanits
Cool Stuff Labs, Incorporated