Pirated Software's Problem

In developing nations, at least, illegal copies of software, music, and movies are riddled with malware

One of the biggest challenges living someplace like Cambodia (which I do) is finding all of the cool tech toys that my geek genes tell me I need. Finding software is similarly difficult, at least when it comes to legal copies of software. I can go down the block to my local market and find almost any software program, music CD, or DVD my little heart could desire, for somewhere around $2 per disc. Finding a legitimate copy of, say, Microsoft Office, is much more of a challenge.

So how does this impact the security scene here? Well, for one thing, those pirated copies at the local markets almost certainly contain what they advertise (whether it be Office, Oracle, or Myst). Many of them also almost certainly contain a little bit more (insert name of your favorite virus/trojan/spambot here). Uh oh.

Now, Cambodia is small, remote, and extremely unconnected. Very few people here can afford a PC, let alone the monthly Internet access. I pay over $100 each month for my 128-kbit/s ADSL link. In a country where $60 a month is a good salary, there are clearly few people even thinking about home network access, let alone spending hundreds of dollars on software, or even $4 on pirated software.

However, this "a little bit more" situation is what's happening in the rest of the developing world, including countries like, say, China, which are much more populous and connected. Think about half a billion people using pirated software, with perhaps 64k connections for each. Add in a few thousand Internet cafes. Even if only 1 percent of the pirated software is infected with some sort of malware (and my hunch is that this is an underestimate), this is clearly a non-trivial problem.

Suddenly all that spam that has been making it through my two layers of filters is not so surprising. All of a sudden we have a large portion of the developing world essentially acting as open relays for spammers. We also have half the world available for a very, very big DDoS attack. This is not good.

So, how do we deal with this problem? That's far less clear to me. There are several problems that need to be addressed to solve it entirely, but it seems relatively intractable on the consumer end. Before you can get consumers to use licensed software, it has to be affordable.

As soon as it is affordable for the local populations, it is going to be purchased locally and resold internationally at deep discounts (already done in the electronics/photo equipment world, where "gray market" equipment is available with no warranty but otherwise in new condition). That makes it unlikely that large (or small) software companies will go for it. The other option would be to solve in a robust way the problem of malware in the operating system. Clearly that's not going to happen any time soon. A third option would be to encourage the use of free (as in beer) equivalent programs.

I'm writing this article using OpenOffice Writer, which is great for me, but I just don't see it taking the world by storm right now. For one thing, knowing OpenOffice doesn't give one much of a leg up in the job market, where knowing Microsoft Office certainly does, and computer skills are one of the few things that show promise at getting people out of poverty around here.

The other thing is a distribution problem. OpenOffice at the local market costs the same as Microsoft Office. If I download OpenOffice it actually costs me more money, since here I pay up to $0.10 per MByte for traffic over my DSL link.

So what's the world to do? I don't see a practical way to eliminate pirated software in the developing world right now. The incentives just aren't there for the local populations. Perhaps if we can develop good filtering, or at least monitoring, at the ISP level we'll be able to reduce the volume of such traffic.

Until then, I guess the best we security professionals can do is keep patching holes on the machines we control and be happy that our own PCs are free of the evil beasties. It seems that escaping being a target is just not likely to happen any time soon.

— Nathan Spande has implemented security in medical systems during the dotcom boom and bust, and suffered through federal government security implementations. Special to Dark Reading
