This week, I had a meeting with a distributor for my super secret software project. The aim of this meeting was firstly to decided how much the software would sell for (my suggestion – all the money) and secondly, what kind of terms there would be on types of licence, support and other such very dull things. Thankfully these were mostly things I had prepared for (e.g. I want it to go open source the moment that support is discontinued) but one thing that took me by surprise, was a request that the software include digital rights management (DRM).
DRM is essentially the bit of the program tasked with stopping thieving customers from taking your software and say, installing it on 1000 different machines, while only paying for one copy. There are various ways this can be achieved – below is a list of some of the DRM methods used by similar software packages.
- Serial key – Copy is tied to a poorly printed serial key
- Phone home – Software checks in with a server every time it’s run to check it’s the only copy running
- Flash key – Need a flash drive to be connected to run the software
- Installation lock – Upon installation the software takes an image of your computer hardware and locks itself to that computer
The super secret software I’ve written, is highly specific to running a particular machine and at most, I will probably only ever sell 500-1000 copies. Beyond that, there is exactly zero scope for further sales as I am limited by the actually number of machines in existence. Also, the community that works with these machines is pretty close knit and there is a high probability that my program will be shared between friends and contacts. Heck, if one copy of my software is shared internally at a university, then that could wipe out 1-5% of possible sales in one go.
So, the argument goes, by putting DRM on my software and some how preventing this sharing, I can protect my very small sales base and, with any luck, actually make enough money to develop other products.
And for one tiny moment I actually considered that maybe, for me, DRM might be the answer.
My working theory is that my brain was taken over by a rogue brain cell that had clearly not be paying attention and got a little carried away. That must be the explanation because no matter how I look at it DRM is a bad idea:
Customers want to pay for software. Okay, so I accept that there are some people for whom software piracy is the way to get software and feel that anyone paying for it is basically an idiot. These people are the minority, not the norm. The majority of piracy appears to simply be because companies are not delivering the products to customers with as good a service as can be offered by the pirate market. Example, movie piracy rates drop in countries after Netflix is introduced.
For my software, this simply means that rather than making everyone buy their own copies of the software, we might consider offering group/site licences at a reduced rate. People pirating my software is a sign not that people are evil but that my pricing is wrong or perhaps people want a different version.
DRM is really, really annoying. I have been playing computer games ever since I can remember. Seriously, some of my earliest memories are of sitting in front of computers listening to repetitive midi music. The computer game industry is one market that has really latched on to the concept of DRM as the solution, and are experts in making DRM that causes more problems for paying-users that it does for the pirates. Taking the list of possible DRM solutions at the top, here are some of the ways those are going to annoy paying-users:
- Serial Key – You need to actually keep the serial key. Labs are busy places with high turnover rates of staff – the likelihood of actually preserving a tiny scrap of paper for 2yrs+ is basically zero.
- Phone home – My lab computer isn’t on the internet (and has never been) – how would that work? And what if you want to do an experiment on a day when the internet is down (an annoyingly frequent problem)…
- Flash key – Same problem as the serial key really, but with the added problem that a Professor might absentmindedly wipe it or loose it down the back of one of their leather office chairs.
- Installation lock – This would work seamlessly right up until the computer develops a fault and say, needs a new graphics card or minor upgrade. Then the software will look like a new computer and will no longer work.
By causing all these problems, the companies are essentially saying “we care more about our bottom line that the actually usability of the software” by using the argument “we have to do something to stop piracy!”.
It doesn’t actually work. As I mentioned, I am an avid gamer and at some point I have experienced all of the problems caused by DRM that are listed above. After paying £40 for a game only to be told “sorry you can’t play because our validation servers are down” is rage inducing. But luckily for me, while irritating as all hell, DRM is pretty breakable even without modifying the software.
- Serial key – err, just tell people your serial so they can make the software work
- Phone home – a bit trickier but you either just block the call home or spoof the reply using any one of several network tools.
- Flash key – make an image of the drive and either permanently ‘mount’ it in the computer or simply make your own flash drives.
- Installation lock – install the program in a virtual machine and then share the virtual machines with other people.
Obviously, there are ways to counter these with DRM but what you create is an arms race of constantly more irritating DRM designed to stop people breaking it, which in turn creates more demand to crack it so that people don’t have to deal with it.
I have to confess, that I have actually done all of the above techniques on software I’ve purchased because the DRM was so limiting that it basically meant I couldn’t use it without the cracks.
1 pirated copy ≠ 1 sale lost. Ignoring all the above for a moment, I want to go back to the core argument for DRM – that someone using a pirate copy is someone who will now not pay for a copy. This is fallacy in extremis. My software will not be cheap, it will cost money; some people/groups won’t have the money for my software, not now and probable not ever. If they pirate my software I haven’t lost a sale, what I have done is gained a group of people who will not only talk about how awesome my software is but also, will be familiar with using my software. When people leave that group and go to other groups they might think “I know that software and I think it’s good, I better buy my new group a copy”.
This string of events won’t always be true but it does mean that I can’t just view piracy in simple terms of ‘a pirated copy = a lost sale’. Piracy will never account for 100% of the copies in use, and if more people are using my software, then the argument for why a group should buy my software is that much easier – “well everyone else is using ‘Jumpoffacliff v.1’ so you should too”.
So all thing considered, I won’t be putting DRM in my software. Not now and not ever. I want people to use my software and I want people to buy my software and DRM is not the way to make either of those things happen.