Pirates: Good for Microsoft, great for open sourcers

BSA marooned by shipmates

3 Big data security analytics techniques

Open...and Shut Software used to be so easy. You built a product and sold it through a variety of channels. Prospective customers might wonder whether they should buy your product or someone else's, but there was no question that they'd have to buy something if they wanted it. Software was proprietary. You couldn't use it for free. Period.

Open source and a new wave of freemium models called all of this into question. Such models traded certainty of payment for ease of distribution. Open source, for example, made it possible for MySQL to become widely adopted for relatively little investment, but it also made it more difficult for its primary developer to get paid.

A fair trade-off? Almost certainly. And perhaps a clue as to how all software will be distributed in the future.

Open source and other disruptive models are causing grief for traditional vendors, who increasingly must answer uncomfortable questions like: "Why does your product cost $100,000 when your open-source competitor charges a fraction of that?" and: "Why am I paying maintenance on a product you rarely update with anything I actually need?"

Rather than answer, some vendors audit.

Alan Pelz-Sharpe, an analyst who covers the Content Management industry, reveals the's seeing a new wave of audits, and that: "EMC & KPMG continue to invoke out-of-the-blue audits on some of their best licensees."

This isn't, of course, isolated to the ECM world, which is one reason that the industry has sought to turn over its anti-piracy policing efforts to the Business Software Alliance. The BSA has long been the industry's preferred bully for checking up on alleged piracy, earning itself a less-than-ideal reputation in the process.

Perhaps for that reason, since 2008 Cisco Systems, EMC, IBM, Hewlett-Packard, SAP, and others have dropped off its membership rolls, as pointed out on TechRights.

These companies may recognize the PR hit they take each time the BSA succeeds in nabbing an alleged pirate. But perhaps they also recognize that there are better ways to policy piracy.

One way is to deliver software as a service (SaaS). Almost by definition, it's harder to "pirate" because you don't get a copy of the software to pirate. Sure, you can load up people on shared login credentials, but generally the bother of doing so outweighs the cost savings.

SaaS is a way to deliver proprietary software without some of its unfortunate companions, such as hefty maintenance fees with little actual value delivered to customers.

Another is the freemium model already noted, which gives users a fair amount of value before requiring payment. This allows customers to pay as their adoption - and value - grows, which most would consider a fair exchange.

Of course, what many vendors may not openly acknowledge is that piracy might be more friend than foe.

Take the developer of Punch 'Em!, who argues that sales of his iOS app significantly increased in proportion to the increased pirating of his game:

Throughout Punch 'Em!'s paid lifetime, I couldn't raise its sales count in the long term. So if thousands of users end up pirating my app, but hundreds buy it as a result of hearing about it from their pirate buddies, why should I cry?

My app has a sharing feature: if you like the app, you can email your friends about it. As a result of the increased amount of users, the people who are stealing my app are slowing telling others about it, increasing the amount of users who actually purchase the app from the app store.

Why don't I put in code to try and convert these pirates?

Interesting thing, I had code in previous versions which did just this. It checked (through various means) if the IPA had been cracked, displayed a message asking that they purchase the app, and exited. My conversion rate was 0%. Beyond the conversion rate issue, my app was pirated very little--after all, my app quit almost immediately, so why share it at all?

Bottom line: people stealing my app has increased my sales.

Nor is this developer alone in discovering the value of piracy to increasing sales. Microsoft has long allowed rampant piracy of its software in places like China. Why? For one thing, it's a great way to keep users from trying alternatives like Linux. For another, a pirate today can be converted into a paying customer tomorrow, or perhaps helps to create a network effect great enough that fence-sitters who aren't pirates end up paying for Microsoft products.

Everyone wins.

At both of my previous employers - Alfresco and Canonical - I watched proprietary competitors respond to our business model by dropping their prices to $0, or close to it. They discovered alternative payment triggers. Perhaps they gave away their software to drive hardware sales, or to sell complementary software components.

This is one way to essentially enable "piracy" of their products, and it's very, very smart.

Gone are the days when customers will pay for software just because there's a proprietary wrapper on it and a big price tag. They increasingly demand real value for real money. Savvy vendors will embrace this trend rather than blindly fight piracy. They'll embrace new models that enable efficient distribution of software and still allow payment for value delivered, as Evernote chief executive Phil Libin opines:

Lost among all the gloomy economic news of the past few years is the fact that there's never been a better time to be in software. Sure, the emergence and inevitable dominance of app stores will permanently disrupt existing industry practices - I'm glad we're not in the business of preventing people from making copies of bits, shipping shrink-wrapped boxes or charging people for periodic upgrades - but a company like Evernote simply could not have attained a fraction of our current momentum even three years ago. App stores, cloud services, cross-platform users and Freemium economics made it all possible.

There are those that "get it." Those that don't won't matter for very long. ®

Matt Asay is senior vice president of business development at Strobe, a startup that offers an open source framework for building mobile apps. He was formerly chief operating officer of Ubuntu commercial operation Canonical. With more than a decade spent in open source, Asay served as Alfreso's general manager for the Americas and vice president of business development, and he helped put Novell on its open-source track. Asay is an emeritus board member of the Open Source Initiative (OSI). His column, Open...and Shut, appears twice a week on The Register.

SANS - Survey on application security programs

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
prev story


Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.