[=-------------------------------------------------------------------------=]

title: Hacking Into Piracy
source: The Telegraph

22nd October 1996

Computer crime investigators are using the techniques of their
adversaries to crack down on illegally traded software. Michael
McCormack reports.

The adage "Set a thief to catch a thief" is being updated for the
electronic age as online investigators use hackers' techniques to fight
a thriving trade in counterfeit and pirate software that is reckoned to
cost British program-makers more than £3 billion a year.

"Jason", a computer crime investigator employed by Novell to shut down
bulletin boards that trade pirate copies of its software, leads a
confusing double life. First he spends weeks in his office, surfing the
Internet and wheedling secrets from hackers around Europe; then he
compiles dossiers of evidence on the system operators who deal in Novell
wares, flies to their bases, presents the local police with his reports,
and accompanies them on the inevitable raid.

"Every day I'm on IRC [the Internet's chat lines, where information can
be exchanged quickly and relatively anonymously] looking for tips on new
bulletin boards that might have Novell products on them," he says.

"Our policy has been to go country by country through Europe and try to
take down the biggest boards in each one"

"It tends to be the biggest boards that have our products, and those can
be difficult to get on to. The operators have invested a lot of time and
cash in setting them up and they're sometimes quite careful who they'll
let on. I often start by joining dozens of little boards in the area to
get myself a good reputation, which I can use as a reference to get on
to the big board.

"Our policy has been to go country by country through Europe and try to
take down the biggest boards in each one. That has a chilling effect on
the other operators. They think, 'If he could get caught, I'm doomed.'
Within days of us taking down a big board, Novell products disappear off
the smaller ones."

Once Jason gains entry to a big board, the game begins in earnest:
"Bulletin boards work on the principle that if you want to take
something off, you first have to put something in. Obviously I can't put
in Novell's products, or any other company's; instead, we use a program
we wrote ourselves. It's huge, and it has an impressive front end full
of colour screen indicators and menus. It doesn't actually do anything
but it looks impressive and it lets you start pulling things off the
site."

Once Jason finds company products on a board, he makes a video of
himself logging on and retrieving a copy of the software.

[* Talk about freako bizarre narc fetishes.. *]

Bulletin boards often have restricted areas closed to all but a few
trusted members, and these are where the most illegal products - such as
expensive business or word-processing packages copied from beta releases
or pirate disks - are kept. Penetrating these areas takes a skill
learned from the hackers. "It's called social engineering," says Jason.
"It just means chatting up the operator until he decides to trust you
with the goodies."

Once Jason finds company products on a board, he makes a video of
himself logging on and retrieving a copy of the software. Then it's on
to a plane to go and lodge a complaint with the local police.

He is helped by Simon Swale, a fellow Novell investigator and former
Metropolitan Police detective who uses his experience of international
police procedures and culture to ensure that foreign forces get all the
technical help they need.

In the past six months, Jason's investigations have shut down seven
bulletin boards across Europe, recovering software valued at more than
£500,000. The company reckons the closed boards would have cost it more
than £2.5 million in lost sales over the next year.

Jason has vivid memories of the early-morning raid on the operator's
house.

One of the Jason's biggest successes came earlier this year in Antwerp,
when he guided Belgian police to the Genesis bulletin board, which held
more than £45,000 worth of Novell products and a slew of other pirate
software. Jason has vivid memories of the early-morning raid on the
operator's house: "The first thing he said was, 'I have nothing illegal
on my system.' So I set up my laptop and mobile and dialled into it from
his kitchen. All the police watched as I tapped into my keyboard and
everything popped up on his screen across the room. I went straight
in to the Novell stuff and he said, 'Okay, maybe I have a little'."

The system operator, Jean-Louis Piret, reached a six-figure out-of-court
settlement with Novell. More importantly for the company, its products
have all but disappeared from Belgium's boards in the wake of the raid.

There are, however, many more fish to fry. Jason already has another
three raids lined up for autumn . . .