Crossroads
Ethics and Computer Science
Spring 2004 — Issue 10.3

CROSSROADS STAFF

EDITOR IN CHIEF: William Stevenson, Pennsylvania State University
MANAGING EDITOR: Jeremy Lanman, Embry-Riddle Aeronautical University
COPY EDITOR: Parag Mallick, University of California, Los Angeles
ONLINE EDITOR: José Campos, Coimbra University
ASSISTANT ONLINE EDITOR: Durga Prasad Pandey, Indian School of Mines
ASSOCIATE EDITORS: Gary Glasscock, Campbellsville University; Jerry Guo, Riverside High School; Brandon Lewis, Centre College; Mina Radhakrishnan, Cornell University; Lisa Sehannie, Kennesaw State University; Melissa Stange, Nova Southeastern University
SPANISH EDITOR: Paulo Lama, American College for Computer & Information Sciences
GRAPHICS EDITOR: José Campos, Coimbra University
REVIEWERS: Christian Collberg, University of Arizona; Lee Hollaar, University of Utah; Richard Lejk, University of North Carolina at Charlotte; Anne Marchant, George Mason University; Suzanne Wagner, Niagara University

OFFERING #XRDS0103
ISSN#: 1528-4981 (PRINT), 1528-4982 (ELECTRONIC)

COLUMNS & REVIEWS

INTRODUCTION
by Jeremy T. Lanman

SHOULD COMPUTER SCIENTISTS WORRY ABOUT ETHICS? DON GOTTERBARN SAYS, “YES!”
by Saveen Reddy

FEATURES

USING SOFTWARE WATERMARKING TO DISCOURAGE PIRACY
by Ginger Myles

THE EFFECTS OF PIRACY IN A UNIVERSITY SETTING
by Joseph Nyiri

MULTILEVEL SECURITY: PRIVACY BY DESIGN
by Stephany Filimon

ETHICAL LESSONS LEARNED FROM COMPUTER SCIENCE
by Richard Bergmair

Contact ACM and Order Today!
Phone: 1.800.342.6626 (USA/Canada), +1.212.626.0500 (outside USA/Canada)
Fax: +1.212.944.1318
Internet: http://store.acm.org/acmstore
Postal Address: ACM Member Services, P.O. Box 11405, New York, NY 10286-1405 USA
Please note the offering numbers for fulfilling claims or single order purchase below.

Copyright 2004 by the Association for Computing Machinery, Inc. Permission to make digital or hard copies of part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page or initial screen of the document. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM Inc., fax +1 (212) 869-0481, or [email protected].

Crossroads is distributed free of charge over the internet. It is available from: http://www.acm.org/crossroads/

Articles, letters, and suggestions are welcomed. For submission information, please contact [email protected].

Introduction
by Jeremy T. Lanman

“Commitment to ethical professional conduct is expected of every member (voting members, associate members, and student members) of the Association for Computing Machinery (ACM) [1].”

On October 16, 1992, the ACM adopted the ACM Code of Ethics and Professional Conduct. This code consists of “24 imperatives formulated as statements of personal responsibility.” They address various issues that computing professionals are likely to face. The feature articles in this issue on Ethics and Computer Science relate to Section 1 of the ACM code on “General Moral Imperatives,” and more specifically, to the subsections describing property rights, giving proper credit for intellectual property, and respecting the privacy of others (sections 1.5, 1.6, and 1.7, respectively) [1].

In the first article, “Using Software Watermarking to Discourage Piracy,” Ginger Myles provides insight into software piracy and copyright infringement. She describes how techniques such as software watermarking protect software from piracy by embedding various unique identifiers into programs in order to discourage the illegal distribution of software copies.

Given that many of our readers are university students, the next article is of great interest. The author, Joseph Nyiri, tackles the issue of music piracy in his article, “The Effects of Piracy in a University Setting.” Nyiri discusses file sharing and related intellectual property laws such as copyrights on song files. Moreover, he provides the views and opinions of various groups including university students and officials, lawyers and political activists, and the infamous Recording Industry Association of America (RIAA).

Although piracy issues are very important, security is also a major topic in ethical discussions. Thus, we turn our attention to privacy. Much has evolved in the information world as a result of the September 11, 2001 terrorist attacks on the United States. These changes are, more specifically, in terms of increased intelligence data and communications monitoring. In her article, “Multilevel Security: Privacy by Design,” Stephany Filimon provides insight into protection of privacy, and describes various models that may be used to find patterns in data in order to identify user behavior while preventing access to specific individual user profiles. Furthermore, she explains how various ethical issues are debated between political figures, policy groups, the intelligence community, and civil rights activists.

While the first three articles use ethics to study computer science, in our final article, “Ethical Lessons Learned from Computer Science,” Richard Bergmair turns the tables and uses computer science techniques to study ethics itself. Bergmair describes an AI that makes decisions about the notions of “right” and “wrong” after having a basic set of ethics and logical rules pertaining to them programmed in. While the article is mainly a thought experiment, it serves as an interesting introduction to philosophical issues.

Nearly ten years ago, Crossroads featured the interview, “Should Computer Scientists Worry About Ethics? Don Gotterbarn Says, ‘Yes!,’” in an issue on Computers and Society. At that time, one of our editors, Saveen Reddy, interviewed Professor Don Gotterbarn, a computer and information science professor at East Tennessee State University. Gotterbarn described the many issues on ethics in computer science and their social concerns at that time. It is interesting to notice that many of the same concerns on moral responsibility ten years ago continue to be relevant today.

As demonstrated in our feature articles, there are many issues that are constantly debated in the realm of ethics in computer science. Living in the Information Age, we will all have to face issues of intellectual property, piracy, and privacy not only as computing professionals, but as responsible citizens of our society.

References

1. Association for Computing Machinery. ACM Code of Ethics and Professional Conduct. http://www.acm.org/constitution/code.html (Oct. 1992).

Biography

Jeremy T. Lanman ([email protected], http://www.elanman.org) is currently a systems engineer at Lockheed-Martin Corporation in Washington, D.C., and an adjunct professor in the Information and Software Engineering department at George Mason University in Fairfax, VA. He will continue with PhD studies in Spring 2004. He earned an MS in Software Engineering from Embry-Riddle Aeronautical University in Daytona Beach, FL in April 2003, and a BS in Computer Science and Mathematics from Butler University in Indianapolis, IN in May 2001. Jeremy’s research interests include software engineering concepts, real-time systems, requirements engineering, and software architecture. Jeremy currently serves as Managing Editor of Crossroads.

Should Computer Scientists Worry About Ethics? Don Gotterbarn Says, “Yes!”
by Saveen Reddy

In computer science, why should we take any particular pains to consider social issues? There are a number of arguments. One is that as you gain special knowledge and special talent in society, along with that power comes responsibility to use it for the good of that society—many people in computing have not even raised the issue of social responsibility. They have bought into the view that computer science is a theoretical discipline with no moral consequences. Some argue that ethics is irrelevant to theoretical disciplines. You don’t find an ethics of mathematics course. You might find an ethics of statistics course. I’m not talking about whether statisticians are moral or not. I’m talking about the highly likely possibility that there can be ethical applications of statistics. A theoretician might say “What do you mean ethical applications? You either do statistics or you don’t.” When you talk about computer science and software engineering, you find the same mistaken view. We computer scientists kept CS separate from actual applications or engineering and we were more interested in theory and efficiency than in applications. That’s what we teach our students. When you take a data structures course, we just ask “Can you figure out the computational complexity?”

The problem is that we don’t emphasize that what we build will be used by people. I want students to realize that what they do has consequences. That is something we don’t touch . . . Why be moral? Why build the best product you can? Our products drive cars, control life-preserving and life-taking devices. As software developers we have a moral obligation to put quality, which is more than mere efficiency, into our products.

When I talk about this type of responsibility to industry, people sometimes say, “Well it will cost us more to do the required testing.” I answer, “Yes, it will cost you more in the short run to build a better product, but in the long run you and your customers will be better off.” To see this, all we have to do is point to the automobile industry in the United States, and some people will say that if you buy automobiles from some foreign country, you will get a better automobile. If you ask them “Is it a cheaper automobile?,” the answer is “No.” It costs more. What people want is that quality product. That’s not an ethical justification for why be moral. It’s a very pragmatic justification for why be moral and I think lots of companies have realized the applicability of this justification.

I’m confused about your use of “ethical” and then “moral.” I’m not being a good philosopher here and maintaining the distinction between ethics and morals. When you talk about ethics, you tend to talk about a public system of human interactions recognized as appropriate for some group. So, people can talk about professional ethics as a generally agreed upon set of behaviors for a particular group. Physicians have a public system of medical ethics, and because they face many confusing and tough questions, they publish opinions of other physicians about them every year in the AMA Code of Ethics, Current Opinions. It gives you examples of how to apply the code of ethics to tough cases. It is public and demonstrable. Engineers have a code of ethics. Folks don’t realize that the ACM has a wonderful code of ethics accompanied by guidelines for professional practice. The guidelines are there to help you understand the code and use it in decision-making. So, one of the principles of the code says, “Do no harm,” and that is a nice generic type of term. What does it mean? Go to the guidelines. It says “Anything which will cause people to have their businesses be destroyed, lower their stature as human beings—anything that could cause physical pain and anguish,” and there are examples.

If someone works in the military, their goal is exactly to kill and destroy. How do we reconcile this with “do no harm?” Maybe the goal is to get others to submit. I try to get my children to submit, and I try not to do it with a two-by-four. You have to balance the other principles against “do no harm.” About 75% of my consulting was done with the US government; I was also connected with the nuclear submarine division. There was no problem in justifying that. I as an individual happen to believe in a strong defense. I don’t believe you have to convince others by actually using the whip. If you’re carrying one, that’s enough. That is one way to balance things. We get into ethical problems where sets of these principles begin to conflict. For example, the code of ethics says you ought to abide by the law and fulfill your promises and contracts. Dave Parnas made a commitment to help develop the Strategic Defense Initiative. He looked at it like a good computing professional—how the blazes do you test a system like that which is designed to protect the US from massive attack? Well, the answer is wait until you are attacked, but that is to not test it. That was unsatisfactory to him as a computer scientist. In his role as


a computing professional, he raised the issue. That it got raised changed the whole tenor of the project.

There’s a trend to have projects developed by geographically distributed groups. They might not even be in the same country. How does this affect us if they may not even realize the extent of the project on which they work? That there are difficult cases we can come up with does not mean that in general we can ignore our ethical responsibilities. When you are working on a project that has certain kinds of ramifications, there are standards that we apply that have significant consequences. When I was working for the submarine division, I knew that it was the nuclear submarine division. I knew what sorts of things they did. I could have then done a number of things. One was to continue to work for them and do any kind of job I decided to do: I could have decided I didn’t really like nuclear warfare and stuck a virus in their programs which would move reactor rods at the wrong points. I could have left the company in protest. Those are sets of options, but in all of them, I am thinking in terms of my responsibility for my actions and their long-range ethical impact. That is different from thinking about software development merely like a crossword puzzle to solve, where I do the solution, throw it away and go on to the next one. The guy who writes the program for a toggle switch doesn’t know whether it is for a bombsite or for a car. Admittedly that is a problem. You can’t answer higher level ethical problems there. You have probably heard the excuse for shoddy work from fellow students when they are having problems coding: All programs have bugs. That’s unacceptable. It gets used as the generic excuse to say, “I’m not responsible. Take my shoddy work.” And if you recognize your responsibility, there’s a difference in just the way you’ll do that work.

Even if everything is done correctly, we really cannot guarantee any action one hundred percent. You just said, “There are bugs in every program.” I say, “Piffle.” When I talk to groups, I find there is actually very little discussion about testing in programming classes. This is an absurdity. The issue is not just to solve the problem. It is to solve the problem reliably, maintainably, and so on. We have to teach testing. You say you can’t guarantee a product. I can. In fact, you have contracts where the government certification is to a standard, called 4-9s standards of testing, which is 99.99% reliability—still not 100%. But, it’s better than 40%. “You can’t certify 100%” gets interpreted incorrectly. This is the game called the black and white fallacy. It says there are only two values in the world: one for true and zero for false. So, if you say the program is reliable, you must mean “one.” Since you can’t say “one,” then it must be “zero.” We can do better than that. I can give you the techniques to get as close to “one” as possible.

What are those techniques? There are various kinds of testing techniques. I’m a software engineer. So, I believe reliability and quality starts long before coding. I’m going to spend 40% of my budget getting the requirements right. Then, I am going to use different types of requirements reviews, design reviews, things of that sort. One, I use these things to get the product that you want. Two, there’s a responsibility I also feel I have: If the product that you think you want is not one that I can make reliably, then I should tell you. If I cannot make it reliable and it cannot not be made reliable, then I should warn you of the dangers in pursuing this.

What problem should one have if a program one creates goes horribly wrong? There are risks and everyone knows that. We accept the risks of vaccinations for instance. Even that does not guarantee patient survival. There are those kinds of limits. You’ve followed out your moral responsibility . . . I’m not trying to lay a guilt trip on the world. You have the responsibility to produce this product using the skills that you have. If you take on a job you ought to have the whole set of skills. I wrote up a case in the SIGCAS newsletter several issues ago about a person who was contracting with the military. The person had designed a system and the military representative thought he knew how to design better than the consultant, and they wanted it redesigned. It was a defense system very dependent on interactive communication in a very hostile environment. It was a most difficult process. The military person said, “Design it this way.” The consultant knew that it would have been much harder to test it that way. This was an absolutely life-critical system. The consultant was caught in a difficult situation. The military representative said, “Do it my way or the project will be canceled.” The consultant knew that if it was canceled, the military individual would move on and disappear and his replacement would not be able to pick up the project again because it would have been a canned project. That is a very tough ethical situation. The consultant had all sorts of conflicting issues, and I do not have easy answers. He had all sorts of interesting obligations. If he refused to do it the way the military representative wanted, that would violate the contract. What would happen to his employer/customer as a result? The customer was being warned but then was being unreasonable. If this system was not in place, many people would then die. If even a marginally defective


system was present, then many people would also die. Now the consultant has other responsibilities, “You have the contract,” “do no harm,” etc. Thinking about these issues is something you have to develop. All these things are part of your responsibility.

Let us suppose a product fails catastrophically and many people die horribly. Who takes responsibility in the chain of command and what are the charges? We have to fill in the details to answer your question. At this moment, different courts in the land would give 18 different decisions. As computing has grown, you have gotten varieties of different publicly asserted opinions. Some are well founded. Some are just to get press. Judges are well schooled in their discipline but are not computer scientists. We have very few public statements. If, as an engineer, you built a walkway in the Hyatt hotel in Kansas City and used a certain type of coupling, I can tell you that’s wrong because the book says not to use that kind of coupling. If you are going to guarantee for me 4-9s safety and reliability and you didn’t use boundary analysis: if you just tested one variable dead center in the range and did just one test, then you are guilty of malpractice and negligence. There was one case where this guy stuck a trap in a program. He was let off. The judge said he’s like a used car salesman—he’s not a professional, he can’t be held to any professional standards. There are two cases in California of computer programmer malpractice where they hung them out to dry for doing that kind of thing. Depending on what kind of damage you cause, you can be found guilty under tort law. I would think in a situation where people ignored obviously well-known software engineering principles, you could be found guilty under tort law—provided that you did something knowingly, not that you are a twit and don’t know how to test.

Now to your question about a catastrophic failure. Suppose 20 people die and they are roasted to death or whatever. Chernobyl. Suppose you are the guy who wrote the controller for Chernobyl. And, you did it knowing that this was a life-critical system, knowing that the speed of the rods was too fast and that it would set off an uncontrolled reaction, but you did it anyway because you wanted to play golf on Thursday. Then I think even in the current state of affairs, you at the programmer level, would be found guilty of malpractice. Who is the person above you that is supposed to be knowledgeable? We don’t have one.

If in building an engineering product you went to an engineering school and you built the walkway in the Hyatt with the washer in the wrong position, you would be expected to know that. But the professional engineer, the certified licensed professional who has to sign-off on the fact that you did that, would probably be the target of that lawsuit. A virtue of being a licensed professional is that when someone in management says sign-off on it, you can say, “I can’t because it doesn’t meet the safety standards, and because it doesn’t, Boss, you don’t want me to sign off because we’d all be liable.” In computing, we, at this moment, don’t have that counter pressure. When someone says, “Do it,” you can’t say, “Someone will sue us because it violates standards.”

Freshmen CS students don’t even have a clear idea what their major is about. How can we instill in them this sense of responsibility? What I am talking about is professional responsibility. Until you begin to understand some of what computing is about and how small things like rounding numbers makes a difference. You try to explain to a freshman class situations like this. There is a skyscraper in Chicago. These buildings sway and we have to put glass in them under certain parameters. When you deal with that kind of sway, you have a function that keeps repeating. The difference between rounding and truncation becomes significant in cumulative calculations. An architectural program was developed and applied to a 100-story building. The glass was put in based on the parameters. Right after the building was built, the fraction of an inch difference in the glass because of truncation instead of rounding led to several sheets of glass falling from the top floors and crashing to the streets. This is an example where they might think that’s important. However, freshman students think they will never be involved in such an event.

When I give my half hour ethics talk, to get the audience’s attention I drag out all these catastrophes. Most people say, “I’m going to end up working for some bank, and this doesn’t apply to me.” . . . Ethical concerns do not sink in at the freshman level. If you take a survey of a freshman class and they don’t know much about computing, their ethical views are very disparate. With a sophomore class, all of a sudden testing begins to be important. With a junior class, they start worrying about design because someone put them on a team or they got the program back and had to modify it. Computer science professors are in some sense unknowingly teaching ethics. They are teaching the ethics of being a good computing professional.

But how do you do it for freshmen? I change the programming examples. Instead of doing some program about the


three color problem, I find it interesting to have them do a control mechanism for an airplane’s landing gear for instance. There is lowering the gear, locking it, turning on the light in the cabin indicating the lock. Those things must occur in that order. I don’t have to preach a sermon.

Why is licensing and certification important? Having standards is important for public reasons. People learn that a doctor is committed to apply antiseptic to a wound before they close it up. The lay person knows to follow those same standards. The notion of what is professionally good enlightens non-professional work. The notion of what is professionally good in computing as far as testing can enlighten non-professional work—people developing programs for their own use and their own business and so on. And no one can say, “Oh well there are no standards, just do what you want.” You’ll have a model. So, it is good for what goes on outside of the profession. It is good for protecting the consumer. It is good for what goes on inside the profession because people cannot then easily slide into “all programs have bugs, so you can’t complain that mine has some in it,” because we will also have in those standards metrics that can tell you when you are producing too many mistakes.

What licensing does is encourage education. And I am an educator, I approach licensing using the model of the paramedic. There are several models of licensing. One model says: “Go to school, take a test, and you can pay your fees and still be licensed.” In the paramedic model, paramedics are trained and tested and three years later they will be tested again and they will be tested on the new material. There are too many places where computing affects people’s lives. Having a licensing mechanism will help ensure that there is a group of people that have this knowledge. When you have applications that require this kind of certainty, you can require that it is signed-off, approved, or audited by a licensed computing professional. Licensing will educate the public, help technology grow, and you have a better likelihood of making a safe product.

Licensing seems like a very good thing. Despite the fact that ACM is 49 years old, it hasn’t been implemented yet. What explains the delay? I don’t think it’s a question of the ACM ignoring anything. We are a brand-new discipline. The first thing we did in computing was print checks, write reports, accounting, and actuarial tables. For all of those things, if you messed up, you could come back at night, think yourself a hero, and fix your mistakes. Modern applications now don’t allow us to simply reprint reports. You can’t rerun a pacemaker, it better work the first time. Generally, most professional organizations are becoming more socially conscious. It is true of engineering and medicine. In computing we are beginning to realize our professional responsibility. In the early days of professions, like in engineering, the professional societies were designed to further the ends of the professional society. You were not allowed to criticize other engineers. Lawyers were not allowed to criticize other lawyers. The first engineers to ever be thrown out of an engineering society for violating a code of ethics occurred in Los Angeles in the early 1930’s. Some engineers criticized other engineers for putting the wrong mix of concrete into the viaducts and they were going to collapse. They were whistleblowers.

Now if you look at the code of ethics, the social consciousness is broader. It says, “You will try and further the ends of society by putting the best of your profession forth.” The ACM code of ethics says if you see something going on which is low quality work or dangerous, it is your responsibility to do what you can to rectify the situation. The IEEE code of ethics says not only cause no harm, but also says if you witness potential for harm, it is your responsibility to act positively to stop it. They do not further go and recommend whistleblowing, but the implication is clearly there. So there is that change in the societies. We are doing things that are too life-critical right now. Both the ACM and IEEE have gone forward, learned, and are responding now. We work with this task force for establishing software engineering as a profession. When you talk to people about it there is not a question any more, they say “It’s about time.”

How long do you think it will be? Before licensing? What we are doing now is preparatory. This is a committee that goes by the label of establishing software engineering as a profession. They are setting out the skills, the educational track, the ethical commitments and standards of practice for software developers. If you take anything that is called a profession today, they have those three things. They draw a summation bar under those three things and say, “Therefore, let’s do licensing.” In computing, the summation bar has been mentioned but not drawn. I think material will be out within the next two years where this is listed. Then it becomes political and I have no guess as to the timing. All of the things I think are important—licensing and why we should have licensing—will at that point have been accomplished.

So what form will licensing take? Will we have one license for all computing professionals or have sub-licenses? How


will we deal with that? I like the paramedic model for a number of reasons. One is that paramedics get licensed to do different things to people. There is a paramedic called a first responder who can ride in the ambulance and help carry people into the ambulance, but that can’t touch the patient. Another level can take vital statistics, but that’s it. At another level, you can administer medication. There’s a top level where you can cut the patient if necessary. For computing, I don’t know what these categories will be. People talk about “safety critical” but it gets crazy to talk about what is safety critical. The mechanism of an airbag is safety critical when you are driving. The mechanism of antilock brakes is safety critical. There is a recent case where a program that prints checks online proved to be safety critical, because its failure generated some riots in a welfare center. So, where to draw the lines is a problem. What the categories are is something I don’t know yet. I think you will have a generic kind of license like physicians. They can be a physician but then also be registered as a neurosurgeon or in some other area. That will go on. There will also be corporate product licensing.

Do you anticipate that every CS graduate will become licensed or only a certain subset of them? The model will be just like the engineers. You can be various kinds of an engineer—chemical, electrical, and civil. That is through a period of education. You can be a licensed engineer by taking an examination, becoming an engineer in training, working for an engineering company for a while, and then taking your professional engineering test. I think that’s the way it is going to be for computer professionals.

Biography

Don Gotterbarn is a Professor of Computer and Information Sciences at East Tennessee State University, where he helped develop their Master of Software Engineering program. He previously taught at The Wichita State University, Allegheny College, and the University of Southern California. He also worked as a computer consultant at the Philadelphia Navy Yard and with the Saudi Arabian Navy. He enjoys painting in watercolor and hiking. Professor Gotterbarn is a member of the ACM and the IEEE Computer Society.

Using Software Watermarking to Discourage Piracy
by Ginger Myles

Introduction

Software piracy and copyright infringement are rapidly increasing. Historically, the spread of pirated software required the transfer of a physical copy (i.e., a disk), limiting the rate of illegal software distribution. However, recent increases in network transfer rates and ease of access have eliminated the need for physical media-based piracy. To compound the problem, software is being legally distributed in platform-independent formats, such as Java bytecode and Microsoft’s Intermediate Language (MSIL). These formats closely resemble source code, which can easily be reverse engineered and manipulated. Thus, it is much easier for software pirates to bypass license checks. In addition, unscrupulous programmers can steal algorithmic secrets, which decreases their own production time and allows them to gain an edge on the competition.

There are legal ramifications associated with software piracy, such as statutory damages of up to $150,000 for each program copied [1]. However, these fines are often targeted at an unsuspecting end user and not at the person responsible for the piracy. When a person unknowingly purchases and uses an illegal piece of software, it is often difficult to trace this software back to the guilty party. In addition, it is also hard to detect and prove that a dishonest programmer has taken advantage of a trade secret. This article focuses on software watermarking, a software-based technique developed to aid in piracy prevention and identification of the guilty party.

Piracy Prevention Techniques

Organizations such as the Business Software Alliance (BSA) [1] perform audits to verify that corporations are not using illegal software. Unfortunately, auditing does not identify an unknown software pirate or unethical programmer. In an attempt to curb software piracy, a variety of hardware and software techniques have been proposed. The hardware-based approaches typically provide a higher level of protection; however, they are more cumbersome for the user and more expensive for the software vendor. Two such examples are tamper-proof hardware and dongles. Software-based solutions, such as code obfuscation, software tamper-proofing, and software watermarking, are cheaper but provide a lower level of protection.

the software in a secure environment, the pirate is unable to gain access to the software. This technique prevents the attacker from observing the behavior of the software. The obvious drawback to this technique is the additional cost of requiring all users to have tamper-proof hardware. The second hardware-based technique is a dongle which is a device distributed with the software. Possession of the device proves ownership of the software. A dongle typically connects to an I/O port and computes the output of a secret function. Periodically the software queries the dongle. If the result of the query is the wrong output, the software reacts appropriately. There are two drawbacks to the use of dongles: cost (a single dongle can cost at least $10) and distribution of a dongle with software over the Internet is impractical.

Code obfuscation, a software-based solution, is a technique which aids in the prevention of reverse engineering through transformations that make the application more difficult to understand, while preserving the original functionality. The idea is to obscure the readability and clarity of the program to such a degree that it is more costly for the attacker to reverse engineer the program than to simply recreate it. This particular technique was the focus of the Crossroads article “Protecting Java Code via Code Obfuscation” by Douglas Low [6]. The second software-based technique is software tamper-proofing. In this technique, methods are employed to prevent the alteration of the program. For example, many programs contain license checks that prevent the user from using the software after a specific date. To prevent an attacker from removing the license check, tamper-proofing techniques are used that prevent the alteration. If an attacker does remove the license check, then the tamper-proofing technique causes the software to fail. A third software-based technique is software watermarking, which we will discuss in detail.

Software Watermarking

Software watermarking is a technique used to protect software from piracy. Unfortunately, watermarking alone does not prevent piracy. Instead it is used to discourage a user from illegally redistributing copies of the software. The general idea of software watermarking is very similar to media waterma