I get asked a lot of questions about OS X software piracy. I recently talked with a friend of mine who is just learning Objective-C and wants to get into developing indie Cocoa applications, and one of the first topics that came up was that of piracy and secure registration mechanisms. Now, I have released a couple applications at this point (or at least been involved with more than one shipping application), enough to have a bit of perspective in this area.
First of all, the most important thing I can possibly stress to any Mac developer (I say Mac because I have no experience with writing Windows software or how piracy works on that OS) is to understand this:
People pirating your software are not to be considered a part of your target audience.
If someone downloads a cracked version of your app, they were most likely never going to purchase it in the first place. Therefore, they are not stealing because you have lost nothing from their act of piracy. This also deeply influences my feelings about strict registration mechanisms… If you spend a lot of time and build an extremely powerful and secure system, you are only delaying your apps release and making it just that much more inconvenient for your honest users. Obviously, you need to have some level of security so your honest users don’t come along and accidentally stumble on an easy crack – but it doesn’t need to be built to keep the king of pirates out.
Also, go into development assuming your app will get cracked at one point – because it probably will. The OS X piracy community is VERY active. The best thing you can do is develop a registration mechanism that is tied to a server to prevent serial numbers from floating around… other than that, it isn’t worth spending your time and energy trying to prevent crackers from doing what they do best. We spent a lot of time trying to build FileLock in a way that made it hard to crack, and let’s just say it didn’t delay things in the slightest. I have heard complaints from fellow developers about using AquaticPrime as a registration system, and that it is far too easy to crack. Well, it may be true that it is easy to crack, but not so easy your grandma could do it. When it comes down to it, honest users will appreciate the simplistic registration process and ease of use, while pirates will still just crack your app. You as the developer have lost nothing more by taking the shorter, friendlier, more crackable route.
Finally, and maybe most importantly, I believe that a balance can be reached with the pirates. If a pirate tries the cracked version of your app and loves it, he/she might recommend it to an honest user friend, or maybe ideally a few honest user friends. You haven’t lost a sale because the pirate wasn’t planning on ever purchasing your app, and you’ve only gained free word-of-mouth marketing (and maybe even new honest users). Note that this isn’t a “technique” per se, and it isn’t taking advantage of pirates – it’s merely a way to think about where pirates fit into the ecosystem. They have their place. And remember, respect is a two-way street.