Wednesday, May 11, 2005

The Hackers will always win

Some time ago I published this as a wake-up call to the game and entertainment industry here. Since then it seems to me that this is becoming relevant to more and more industries and content providers (CP's) of all sorts. These two simple ideas still elude the awareness of so many people it shocks me. So here it is, freshened up a bit and aimed at the CP's collectively.

Rule No. 1 -Surge's Guide to Computing
The hackers will always win. No matter what you do, how sophisticated your plan, intricate your efforts, the hackers will always prevail.

Lets examine why this is so, shall we?

  1. Hackers have unlimited time. CP's have to meet deadlines, face budgetary constraints and need to deliver their product or service in a timely and marketable fashion. The hacker however, waits until the product comes out, and works on it until the desired result is achieved. This is particularly evident in things that cannot be changed after they hit the market, like DVD's and consumer hardware.
  2. Hackers love to do it because CP's don't want them to. Viva la resistance! Hackers form what amounts to clubs, that allow them to team up to solve problems. Look at the OpenSource movement and Linux! Geezus! These people have spent hundreds of thousands of man hours working and 99% of them have made precisely jack doing it. Sometimes hackers will spend every free moment they can spare just to impress their friends or peers, and some of this worlds best hacks have been done to embarrass people seen by the hacker community as undesirable.
  3. Hackers seemingly have unlimited resources. Money, access, time, computing strength, bandwidth, knowledge, talent, and experience to name a few. These resources are dispersed among many, but the bigger the target the more collected resources come together to make a great hack. I can think of a few things as an example of this but if you doubt it's true, you must be a complete fool.
  4. Hackers are smart. Just face the fact. It's a simple and often overlooked fact that many people just don't take into account. CP's spend money and time trying to jam up hackers and P2P users so they can't do what they want to. ( see rule 2 ) Smart people are, at this very moment, working to slip past all the CPs' silly efforts to control, monitor, observe, capitalize upon, harvest data from and in general rule over use of computers and the internet.
  5. If CP's can change, so can hackers. Think CP's are too dynamic for hackers to keep up? Prove it! Just about anything that's worth a crap to anyone is, or has been hacked in someway. CP's are going to loose because hackers are, by nature, relentless.

Rule No. 2 -Surge's Guide to Computing
People will always choose the path that let's them do what they want to.

I know this doesn't seem profound, but it is something that needs to be included. It does seem to escape the minds of awesome companies and their efforts seem bent on getting people to do what the company wants, instead of getting the company to do what the people want. Silly stupid sons of bitches.

  1. Today, people can search for and download music in a portable near-CD quality (good enough for most people) format that is universally recognized by 100's of applications and hardware manufacturers, for free. This is in most cases illegal, and yet wildly popular.
  2. Enormous resources have been applied to prevent this, all have failed.
  3. There is no media format available upon which data can presented that cannot be duplicated or recorded, and then shared with others over the internet.
  4. Anti-Spyware programs [also], anti-spamming efforts and anti-virus [also][also], even ad blocking systems are at an all time high for both their popularity and their technical sophistication. People are working very hard to gain back control of their computers and the things their computers are doing.
  5. When the RIAA/MPAA/Metallica shut down Napster, several new technologies jumped in, and people continued to do what they wanted to do.
  6. When it was discovered that hackers had found out how to decrypt DVD content, the MPAA and it's ilk rushed to blast the offenders with lawsuits and public smears. The hacker response was to make the algorithm as small as possible and distribute it as widely as it could be. Some people printed it on t-shirts. One fellow had it tattooed on his body. Today that same algorithm is used to rip and decode DVD's all over the world. People want to share movies and other DVD content. They want to bypass the DVD region locks that would prevent someone in Asia from viewing a DVD sold in Europe or anywhere else. And people can do it... are doing it. Stand in their way if you'd like ( see rule 1 ) but it's pretty foolish.

Hackers have even been at work to defeat systematic controls like websites that require registration, proof of age, or email verification.

So it brings me to my WHOLE freakin point. So many companies are hard at work to develop ways to stop hackers and pirates. The result of which has formed the following banes of the computer users of the world:

  • Product activation - Microsoft and others.
  • CD-Check
  • CD-Keys
  • Serial Numbers
  • Required Registration
  • Hardware Dongles
  • DRM - Digital Rights Management
  • DMCA - Digital millennium Copyright Act
  • Applications that require the CD to be in the drive to use
  • CSS - Content scrambling System
  • Proprietary formatting of media and content
  • Crippled hardware (blue-tooth cell-phone anyone?)

All of these things have been defeated by hackers, sometimes in as little as a few hours. All of them have been widely distributed and defeating techniques for all of them have been well documented and are freely available.

All of these things make using these products and services more difficult for the users and do not stop hackers! Why do CP's make paying customers suffer for nothing? The cost associated with all the BULL user have to put up with to use the product, only makes the product more costly for the user. CP's could save a lot of money by tossing the BS and spending money on adding out-of-the-box value. Make sure it works out of the box, no patches, or brief server downtime, or momentary delays in your supply cycle... all creative ways of saying the same thing... we ****ed up. And CP's continue to do it. They continue to expand their efforts to control, and capitalize and subjugate computer users and so they will be defeated.