|
Software Infringement
 |
| | |
�Software infringement�
might be a strange word for most of you, but this is a violation where
many users do in a daily basis. As users who benefit from different
types of software, we should be aware of, what is software
infringement? What are the consequences of it. Let�s look at what is
software infringement is?
As a general matter, copyright infringement occurs when a copyrighted
work is reproduced, distributed, performed, publicly displayed, or
made into a derivative work without the permission of the copyright
owner.
-U.S. Copyright Office-
As per the definition software infringement/copyright infringement is
the use of software for many different purposes without the copyright
owner�s (A piece of software is copyrighted to its developer)
permission. Let�s put it in simple way, Software infringement can be
represented in various terms, such as using pirated software�s,
cracked software, fake software, etc.
It�s true that sometimes software�s can be expensive; Having said
that, it is not an excuse for using pirated software. Because there
are pretty decent free and open source (FOS) alternatives available
for many commercial software. It may not be as perfect as a
proprietary software though, Foss software makes a good effort to keep
in line with the proprietary software.
There are many reasons to justify, why it�s not wise to use pirated
software. Few such instances are,
Hidden cost
Using cracked version of software may not always be free. There could
be hidden cost involved in it, which is true in most cases. Assume
that these software is used in a commercial environment. There are
high chances where cracked software may crash your systems, which may
lead to monetary and other losses to the business. With malware
embedded in cracked software, it is highly possibly can happen.
Malware
Why do hackers/crackers crack software and distribute it for free?
Thinking in a rational way, crackers would not distribute cracked
software without any benefit. Certainly there will be benefits for
them. By the looks of it, the software will work perfectly as the
licensed product; But behind the scene there can be malware embedded
to it. Ultimately the cost of using pirated software could end up in a
disaster. Your privacy gets violated, personal/banking information
could be stolen, damage to the systems and many more.
No upgrade/patches/support
Think of a situation where your production department uses a pirated
system for a critical process. All of a sudden the system crashes. And
you don�t have the expertise to fix the issue. What will you do? Now
you are lost. You will have no one to turn to. Not only that these
type of software will not get any upgrades or patches. Patches are
really important when it comes to fixing security and other issues in
the system. These issue can be applicable for both personal and
commercial use.
It is illegal
Everyone knows unauthorized usage of copyrighted software is illegal.
But not many of them realizes it, using these kind of software will
lead them to trouble. People think they will not be caught. This is
not the case anymore. We have come across many incidents where people
are finding police or law enforcement authorities knocking their door
with search warrants to search if you use pirated programs. Keep it in
mind that, almost everything you have done in an environment is
re-traceable.
Having said all these
consequences of using cracked software, there are many ways to stay
safe meanwhile accomplishing you work. If your requirement is for a
short period of time, you can always go for a trial version of
proprietary software. If you need to use it for long term purpose, but
if you can�t afford to buy, it is wise to go for an alternative
software which is free or low in cost, rather than going for an
alternative way to use the expensive commercial software. You can get
a pretty decent community support for Free and open source (FOSS)
software as well. Think wisely and make decision.
By
Abdul Raheem
Abdul
is an Associate Information Security Analyst at Sri Lanka CERT|CC
| | | | | | |
References | | |
1 Statistics on the Internet
growth in Sri Lanka | | |
http://www.trc.gov.lk/images/pdf/ | | |
statis_sep_2012.doc | | |
2.The Dragon Research Group (DRG) | | | |
http://www.dragonresearchgroup.org/ | |
3.TSUBAME (Internet threat
monitoring system) from JPCERT | CC | | |
https://www.jpcert.or.jp/english/tsubame/ | | |
4.Shadowserver Foundation | | | | | | | | | | |
http://www.shadowserver.org/wiki/ | | |
5. Team Cymru | | |
http://www.team-cymru.com | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | |
| |  | | | | |
 | | |  |
Multi-stage malware sneaks into Google Play | | | |
 | | | |
"....Another set of malicious apps
has made it into the official Android app store. Detected by ESET security
systems as Android/TrojanDropper.Agent.BKY, these apps form a new family of
multi-stage Android malware, legitimate-looking and with delayed onset of
malicious activity.
We have discovered eight apps of this malware family on Google Play and
notified Google�s security team about the issue. Google has removed all eight
apps from its store; users with Google Play Protect enabled are protected via
this mechanism...." | | | |
Hackers hit Sacramento transit system, demand
money to stop attack | | | |
"...Hackers looking for a payout
have hit the Sacramento Regional Transit (SacRT) system, defacing the agency
website, erasing data from some of its servers, and demanding money to stop
the attack and not do further damage...." | | | | | | | |
WHAT DO CHINA�S POLICE COLLECT ON CITIZENS IN
ORDER TO PREDICT CRIME? EVERYTHING | | |
|
'...When a woman named Wu received a text message from a local fire
department about the inhabitants of her home, she was shocked. The
department notified Wu that her house, rented out to a couple, had in
fact been sublet to many others. Long before she knew it, the details of
her house had been input into China�s policing system, which has a
better memory than most people in China about what they did, and where,
and when.....' | | |
| | |
ADOBE PATCHES FLASH PLAYER, 56 BUGS IN READER
AND ACROBAT | | | | |
 | |
| | |
'...Adobe kicked off today�s Patch Tuesday barrage with a monster update
for Acrobat and Reader patching dozens of remote code execution
vulnerabilities, along with the near-customary Flash Player update
addressing a handful of critical flaws.
None of the vulnerabilities patched today are under active attack, Adobe
said; Adobe also pushed out security bulletins for Photoshop CC, Connect,
DNG Converter, InDesign CC, Digital Editions, Shockwave Player and Adobe
Experience Manager.....' | | |
Microsoft and GitHub team up to take Git
virtual file system to macOS, Linux | | |
 | | | |
'....One of the more surprising stories of the past year was Microsoft's
announcement that it was going to use the Git version control system for
Windows development. Microsoft had to modify Git to handle the demands
of Windows development but said that it wanted to get these
modifications accepted upstream and integrated into the standard Git
client.
That plan appears to be going well. Yesterday, the company announced
that GitHub was adopting its modifications and that the two would be
working together to bring suitable clients to macOS and Linux....' | | |
| |
|
|
Month in Brief | |
Facebook Incidents
Reported to Sri Lanka CERT|CC in October 2017 | | |
 | |
| | |
Statistics - Sri Lanka CERT|CC | |
|
| | |
| | | |
Multiple Intel firmware vulnerabilities in
Management Engine | |
 | |
'...The research that led to finding the Intel firmware
vulnerabilities was undertaken "in response to issues identified by
external researchers," according to Intel. This likely refers to a
flaw in Intel Active Management Technology -- part of the Intel ME --
found in May 2017 and a supposed Intel ME kill switch found in
September. Due to issues like these, Intel "performed an in-depth
comprehensive security review of our Intel Management Engine (ME),
Intel Server Platform Services (SPS), and Intel Trusted Execution
Engine (TXE) with the objective of enhancing firmware resilience."....' | |
DNS resolver 9.9.9.9 will check requests
against IBM threat database | |
 | |
"...The Global Cyber Alliance
has given the world a new free Domain Name Service resolver, and advanced it
as offering unusually strong security and privacy features.
The Quad9 DNS service, at 9.9.9.9, not only turns URIs into IP addresses,
but also checks them against IBM X-Force's threat intelligence database.
Those checks protect agains landing on any of the 40 billion evil sites and
images X-Force has found to be dangerous. .." | |
Uber hid hack that exposed data of 57 million
users, drivers | |
 | |
�..Uber revealed Tuesday that hackers stole data on 57 million drivers
and riders in October 2016, the ride-hailing company said on Tuesday.
The pilfered data included personal information such as names, email
addresses and driver's license numbers, the company said. Social
Security numbers and credit card information, however, didn't appear to
have been compromised...� | |
Survey: Cloud security concerns linger,
but not enough to stop adoption | |
 | |
."...Organizations are increasingly willing to migrate their
applications, data and processes to the cloud in spite of lingering
security concerns, according to a new survey of Canadian senior-level IT
practitioners by security and cloud solutions provider Scalar Decisions.
According to the 2016 Scalar Cloud Study, respondents listed security as
one of their chief concerns prior to migrating their processes to the
cloud (37 percent) and even more so as the migration proceeds (75
percent, the #1 concern). Moreover, 77 percent of survey-takers said
their organizations are not doing enough to address cloud security on
the IT or business side, or both...." |
|
