- Email: [email protected]
Small firms attacked by pirates
Volume
3 Number
2
DECEMBER
ISSN 0142-0496
1980
COMPUTEEETiEDM SECURITY BULLETIH Editor:
MICHAEL
Editorial Advisors:
COMER
Network Security Management Ltd, London
Jay J Becker Assistant District Attorney and Director of National Data Centre for Computer Crime, Los Angeles, California
Associate Editor:
Andrew Chambers School, London
ROBERT V JACOBSON President, International Security Technology Inc, New York
Robert P Campbell,
CDP, President, Advanced Information Management Inc, Virginia Senior Lecturer in Audit & Management
Control, City University Business
Ray Ellison Senior Consultant MRL, Cheshire Peter Hamilton Jocelin
Managing Director, Zeuss Security Consultants Ltd, London
Harris Lawyer and Banker, London
Peter J Heims Fellow of the Institute of Professional Investigators, London Geoffrey
Horwitz
Executive, Ned Equity Insurance Co Ltd, Johannesburg
Jules B Kroll President, Kroll Associates, New York Norman
Luker Security Management,
Dorm 6 Parker Senior Management
Northern Telecom Ltd, Montreal Systems Consultant, Stanford Research Institute, California
Alec Rabarts Fellow of the Institute of Chartered Accountants, Timothy J Walsh President, Harris and Walsh Management
C(INTENTS
Small firms attacked by pirates Program and data thefts Screwdriver in the works A fishy story IBM moves to protect itself Computers get out of control
SMALL FIRMS ATTACKED BY PIRATES
1 2 4 6 7 8
London
Consultants, New York
Trade secrets for sale Contingency planning Structured analysis Infiltrating the system part II, counter measures Some are more secure than others Playing to win
10 10 11 12 15 15
The British computer trade press reports that pirates are putting small companies out of business by making and selling counterfeit copies of cassette based programmes for hobby and small business computers. At least nine small companies have gone to the wall as a result of illegal copying. Conventional software protection techniques have been largely unsuccessful in dealing with cassette-to-cassette copying, although higher levels of protection can be achieved with diskette based software. A read-only memory chip, built into a protected system, prevents the user from listing or copying. At least this is the theory. It has been reported that a device is freely available which overcomes read-only protection. A number of cases of piracy have been reported in the US, and a couple in the UK: Two men, Vincent Coen of LPS Romford, Essex and his colleague Alan Potter of Eurocalc Software have been arrested by the Metropolitan Police and charged at Old Street Magistrates Court with conspiracy to cheat Graham Dorian Software Inc and Eurocalc. The charges follow an intensive police investigation
Elsevier InternationalBulletins
0 1980 Elsevier Sequoia S.A. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the publisher.
-2-
into the complaints made by Dorian that illegal copies of proprietary software were hitting the market. This is the first known prosecution of this type in the UK. Previously, Kansas City Systems admitted in the UK High Court to infringing the copyright of programs produced by A J Harding etc, but the litigation was settled out of court on payment of E2000.
PROGRAM AND DATA THEFTS
New programs
Mobile, Alabama - Max Coffee, an ex-employee of Applied Systems Inc, was found guilty of stealing programs belonging to his ex-employer. He was fined $50 000, and an appeal is pending. The trial, which was before a jury, concerned the theft of eight general business programs, developed by Applied Systems Inc. Coffee left the company and took a number of ASI's customers with him by offering them cheaper processing and support rates. He formed his own company called Data Plus Inc.
for oZd
In his defencer Coffee said that he had regenerated and redeveloped the programs, using his own resources in his new company. The jury did not believe him, considering that there had been insufficient time between his termination from ASI and the offer for sale of the programs by Data Plus Inc. Expert witnesses were called on behalf of the prosecution, and obviously succeeded in getting their message over to the jury.
Claim for damages
Glendale, California - Three years after starting legal action against Business Information Systems Inc, a small vendor called Mini Computer Business Applications Inc has succeeded in protecting its software. Early in 1978 the suit was filed alleging that BISI had misappropriated software for DEC and PDP equipment developed by MCBA. The Court in Tampa, Florida, found in favour of MCBA and made orders preventing BISI from selling or leasing software developed by MCBA for a period of 10 years; preventing advertising requiring BISI to provide a list or disclosure of MCBA's packages; of people to whom it had sold software, or advertised it; requiring BISI to return all MCBA software and documentation. The claim for damages will be heard in mid January. MCBA is taking an aggressive line against four other companies it believes to have pirated or misused its packages, and is offering one free package to any person or company that comes forward with information that enables it to take action against any other pirate. Atlanta, US District Court - Programmed Closing Systems Inc, a small real estate company, filed suit against Minnesota Title Financial Corporation alleging the theft of programs. Under a contract, signed in January 1978, MTFC received the licensing rights of certain programs developed by PCS, for a Mortgage Information and Servicing System. The conditions of the agreement were such that MTFC would pay PCS royalties on programs it relicensed to other users. MTFC also agreed not to alter the program coding in any way. The suit alleged that MTFC stuck to neither of these conditions.
Stormy relationship
The relationship between the two companies had been difficult. In August 1978, PCS was "confronted" by MTFC and threatened that unless it backed off the agreement MTFC "would harass PCS by instituting spurious legal claims and would disparage the product and discourage other companies from doing business with PCS". Instead of backing off, PCS brought charges of Larceny of Trade Secrets, and breach of
foOIll Volume 3 Number 2
@
Elsevier
Sequoia
SA. Lausanne.
Switzerland.
3 Number
2
DECEMBER
ISSN 0142-0496
1980
COMPUTEEETiEDM SECURITY BULLETIH Editor:
MICHAEL
Editorial Advisors:
COMER
Network Security Management Ltd, London
Jay J Becker Assistant District Attorney and Director of National Data Centre for Computer Crime, Los Angeles, California
Associate Editor:
Andrew Chambers School, London
ROBERT V JACOBSON President, International Security Technology Inc, New York
Robert P Campbell,
CDP, President, Advanced Information Management Inc, Virginia Senior Lecturer in Audit & Management
Control, City University Business
Ray Ellison Senior Consultant MRL, Cheshire Peter Hamilton Jocelin
Managing Director, Zeuss Security Consultants Ltd, London
Harris Lawyer and Banker, London
Peter J Heims Fellow of the Institute of Professional Investigators, London Geoffrey
Horwitz
Executive, Ned Equity Insurance Co Ltd, Johannesburg
Jules B Kroll President, Kroll Associates, New York Norman
Luker Security Management,
Dorm 6 Parker Senior Management
Northern Telecom Ltd, Montreal Systems Consultant, Stanford Research Institute, California
Alec Rabarts Fellow of the Institute of Chartered Accountants, Timothy J Walsh President, Harris and Walsh Management
C(INTENTS
Small firms attacked by pirates Program and data thefts Screwdriver in the works A fishy story IBM moves to protect itself Computers get out of control
SMALL FIRMS ATTACKED BY PIRATES
1 2 4 6 7 8
London
Consultants, New York
Trade secrets for sale Contingency planning Structured analysis Infiltrating the system part II, counter measures Some are more secure than others Playing to win
10 10 11 12 15 15
The British computer trade press reports that pirates are putting small companies out of business by making and selling counterfeit copies of cassette based programmes for hobby and small business computers. At least nine small companies have gone to the wall as a result of illegal copying. Conventional software protection techniques have been largely unsuccessful in dealing with cassette-to-cassette copying, although higher levels of protection can be achieved with diskette based software. A read-only memory chip, built into a protected system, prevents the user from listing or copying. At least this is the theory. It has been reported that a device is freely available which overcomes read-only protection. A number of cases of piracy have been reported in the US, and a couple in the UK: Two men, Vincent Coen of LPS Romford, Essex and his colleague Alan Potter of Eurocalc Software have been arrested by the Metropolitan Police and charged at Old Street Magistrates Court with conspiracy to cheat Graham Dorian Software Inc and Eurocalc. The charges follow an intensive police investigation
Elsevier InternationalBulletins
0 1980 Elsevier Sequoia S.A. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the publisher.
-2-
into the complaints made by Dorian that illegal copies of proprietary software were hitting the market. This is the first known prosecution of this type in the UK. Previously, Kansas City Systems admitted in the UK High Court to infringing the copyright of programs produced by A J Harding etc, but the litigation was settled out of court on payment of E2000.
PROGRAM AND DATA THEFTS
New programs
Mobile, Alabama - Max Coffee, an ex-employee of Applied Systems Inc, was found guilty of stealing programs belonging to his ex-employer. He was fined $50 000, and an appeal is pending. The trial, which was before a jury, concerned the theft of eight general business programs, developed by Applied Systems Inc. Coffee left the company and took a number of ASI's customers with him by offering them cheaper processing and support rates. He formed his own company called Data Plus Inc.
for oZd
In his defencer Coffee said that he had regenerated and redeveloped the programs, using his own resources in his new company. The jury did not believe him, considering that there had been insufficient time between his termination from ASI and the offer for sale of the programs by Data Plus Inc. Expert witnesses were called on behalf of the prosecution, and obviously succeeded in getting their message over to the jury.
Claim for damages
Glendale, California - Three years after starting legal action against Business Information Systems Inc, a small vendor called Mini Computer Business Applications Inc has succeeded in protecting its software. Early in 1978 the suit was filed alleging that BISI had misappropriated software for DEC and PDP equipment developed by MCBA. The Court in Tampa, Florida, found in favour of MCBA and made orders preventing BISI from selling or leasing software developed by MCBA for a period of 10 years; preventing advertising requiring BISI to provide a list or disclosure of MCBA's packages; of people to whom it had sold software, or advertised it; requiring BISI to return all MCBA software and documentation. The claim for damages will be heard in mid January. MCBA is taking an aggressive line against four other companies it believes to have pirated or misused its packages, and is offering one free package to any person or company that comes forward with information that enables it to take action against any other pirate. Atlanta, US District Court - Programmed Closing Systems Inc, a small real estate company, filed suit against Minnesota Title Financial Corporation alleging the theft of programs. Under a contract, signed in January 1978, MTFC received the licensing rights of certain programs developed by PCS, for a Mortgage Information and Servicing System. The conditions of the agreement were such that MTFC would pay PCS royalties on programs it relicensed to other users. MTFC also agreed not to alter the program coding in any way. The suit alleged that MTFC stuck to neither of these conditions.
Stormy relationship
The relationship between the two companies had been difficult. In August 1978, PCS was "confronted" by MTFC and threatened that unless it backed off the agreement MTFC "would harass PCS by instituting spurious legal claims and would disparage the product and discourage other companies from doing business with PCS". Instead of backing off, PCS brought charges of Larceny of Trade Secrets, and breach of
foOIll Volume 3 Number 2
@
Elsevier
Sequoia
SA. Lausanne.
Switzerland.