The beauty of High School computer security...



  • Let's see, my high school...



    -Blocked access to certain programs, including Firefox, by filename. Rename a program to iexplore.exe and it ran happily.

    -Installed Deep Freeze on many computers, but never rebooted them to complete the installation. The machines would stay on 24/7, thus DF wouldn't actually do anything until a student or power failure finally rebooted them. By then they already had tons of shit installed.

    -Filtered all Internet access through one extremely slow machine. Somehow this filtering only affected IE even though it was server-side.

    -Disable the File menu in Explorer and right-click (way annoying) but didn't block access to cmd.exe, net send, and all those fun things.

    -Didn't password-protect BIOSes.

    -Used such clever passwords as "freezer" for Deep Freeze.

    -Had network admins who would frequently forget to log off the computer when they left.

    -Would wipe the student network space every year, and forget to enable any size limit, so students were free to (and did) fill up the entire server with games.

    -Didn't prevent access to other students' network spaces; you just went to \server\ and could browse everything.

    -Didn't block such things as MSN Messenger, which meant most of the computers were tied up constantly by students pretending to work but really only chatting.

    -Had incompetent staff who insisted that Notepad, with most of my essay typed in it, was a virus and demanded I use Word instead.



    Probably more I can't remember.



  • @lolwtf said:

    -Filtered all Internet access through one extremely slow machine. Somehow this filtering only affected IE even though it was server-side.

    Either a proxy that was only set up in IE or a NAT/proxy that had TCP/IP issues with IE.

     

    Most of your examples sound par for the course, though. 

     

     



  • IE was set to "direct Internet connection".



  • @lolwtf said:

    IE was set to "direct Internet connection".

    Must have been a crappy NAT server, then.. 



  • @lolwtf said:

    -Installed Deep Freeze on many computers, but never rebooted them to complete the installation. The machines would stay on 24/7, thus DF wouldn't actually do anything until a student or power failure finally rebooted them. By then they already had tons of shit installed.
    I'm sure this applies to more of the posts, but haven't these people ever heard of creating a disk image?

    Bah, they're probably not paid enough for that crap 



  • @belgariontheking said:

    I'm sure this applies to more of the posts, but haven't these people ever heard of creating a disk image?

    Bah, they're probably not paid enough for that crap

    Perhaps I'm not understanding you, but that's what Deep Freeze does.  It's actually not a bad program.  I used to use it on test machines because you trash the whole system and just reboot and be back with a clean install.  Great for testing security vulnerabilities, too. 



  • @morbiuswilters said:

    I used to use it on test machines because you trash the whole system and just reboot and be back with a clean install.  Great for testing security vulnerabilities, too. 
     

    Virtual PC FTW



  • @MasterPlanSoftware said:

    Virtual PC FTW

    If only it properly emulated hardware. Oh why must it emulate controllers as PS/2?!



  • @AbbydonKrafts said:

    @MasterPlanSoftware said:
    Virtual PC FTW

    If only it properly emulated hardware. Oh why must it emulate controllers as PS/2?!

     

    Never had that problem, but right tool for the right job really.

    Virtual PC is a great tool for most testing though. Virtual Server is great too.



  • @morbiuswilters said:

    Perhaps I'm not understanding you, but that's what Deep Freeze does
    I see (I think).

    It just seemed silly to me to have to install something and then reboot to get it to work.  Why not create an image in which everything's already installed correctly?



  • @lolwtf said:

    Let's see, my high school...

    ...
    -Didn't password-protect BIOSes.


    Probably more I can't remember.
     

    pwd protected bios is hard to manage/change. It prevents theft, but we had computers encased in STEEL so no worries about pulling comps!

    pwd on bios is needed so studen't dont f-it up. Strangely enough my job does not pwd protect bios, and here u CAN steal comps specially if using the freight elevator!



  • @dlikhten said:

    pwd protected bios is hard to manage/change. It prevents theft, but we had computers encased in STEEL so no worries about pulling comps!

    pwd on bios is needed so studen't dont f-it up. Strangely enough my job does not pwd protect bios, and here u CAN steal comps specially if using the freight elevator!

     

    How the fuck is password protecting the BIOS going to prevent someone from stealing the computer?

    Did you smoke extra crack this morning or something?



  • @belgariontheking said:

    It just seemed silly to me to have to install something and then reboot to get it to work.  Why not create an image in which everything's already installed correctly?

    Deep Freeze is like an "in-place" disk image utility.  The whole idea is that it is very easy to use.  After installing it, you can install anything you want.  Once you want to "freeze" the disk, you type in the admin password and then reboot.  The reboot is required to lock the freeze into place.  I don't think DF makes a complete mirror of the disk, either (I'm not very familiar with its inner workings) but just keeps track of changes separately.  So when you restart a machine that is frozen it will return to it's last state very quickly without having to copy the image back over the disk.  If you need to install new software, you enter the admin password and unfreeze the system and reboot.  The reboots must be because DF seems to use some kind of virtual disk driver to keep writes away from the frozen image.

     

    Anyway, the problem at the original guy's school was that they never did the reboot after freezing the machine so it was still technically unfrozen. 



  • @MasterPlanSoftware said:

    @dlikhten said:

    pwd protected bios is hard to manage/change. It prevents theft, but we had computers encased in STEEL so no worries about pulling comps!

    pwd on bios is needed so studen't dont f-it up. Strangely enough my job does not pwd protect bios, and here u CAN steal comps specially if using the freight elevator!

     

    How the fuck is password protecting the BIOS going to prevent someone from stealing the computer?

    Did you smoke extra crack this morning or something?

    ROFL.

     

    And, yeah, password-protected BIOS isn't easy to change, but it's not like you should ever really need to change it.  Hell, you probably never even have to use it.  Just set it to a random string when the machine comes in, record it in whatever system you use for tracking inventory and forget it.  Also, if you lose the PW for some reason you can just crack the case and reset the CMOS.  This isn't rocket science.



  • @morbiuswilters said:

    And, yeah, password-protected BIOS isn't easy to change
     

    ORLY?

    Just jump the clear BIOS jumper.

    No more BIOS password!

    EDIT: Nevermind, sorry, only read your first sentence. I will leave it for emphasis though. Just in case anyone (dlikhten) thinks it is useful for security.



  • @MasterPlanSoftware said:

    Never had that problem, but right tool for the right job really.

    It's mostly Linux distros that don't like it.



    I'm still trying to get DOS 5 working in it to see if I can get my King's Quest stuff working. DOSBox just falls flat too often.



  • @MasterPlanSoftware said:

    ORLY?

    Just jump the clear BIOS jumper.

    No more BIOS password!

    EDIT: Nevermind, sorry, only read your first sentence. I will leave it for emphasis though. Just in case anyone (dlikhten) thinks it is useful for security.

    To be fair to you, I wasn't very clear in what I meant by "change".  I was speaking of in terms of implementing a "BIOS password policy" which would require a way to update passwords on thousands of machines.  AFAIK, there is no software to centralize this and it all has to be done by hand.  So that's what I meant by hard to change.  My point was that no IT dept. should need to change the BIOS password once it is set, though, because it's such a minor attack vector (nobody can use the BIOS password to attack you across a network, they need physical access to the machine to do anything).  And you're absolutely correct that it provides no real security.  It's mostly just a way to keep non-IT staff from dicking around with the settings.



  • @MasterPlanSoftware said:

    How the fuck is password protecting the BIOS going to prevent someone from stealing the computer?
     

    You obviously need to buy a new computer. The latest BIOSes, when you password protect them, make the computer weigh over 200 pounds, therefore preventing theft (unless the thief knows ahead of time and brings a forklift or something). 

    Reall, MPS! Get with the times! 



  • @KenW said:

    You obviously need to buy a new computer. The latest BIOSes, when you password protect them, make the computer weigh over 200 pounds, therefore preventing theft (unless the thief knows ahead of time and brings a forklift or something). 

    Reall, MPS! Get with the times! 

     

    Sorry, I will get skillz0r3d.

    Maybe dlikhten can educate me?



  • We used to have a list of ways to circumvent our security (Novell NetWare and Windows 98 boxes)...I can't recall many specifics, but I do remember the "unplug the network cable after logging in" trick was used heavily. And I remember the web filter sucked...right-clicking a link and selecting "Open in a new window" got you around almost all blocked content.

    A friend of mine also stole all the mouse balls from the CAD lab. Does that count as poor security?



  • @LieutenantFrost said:

    A friend of mine also stole all the mouse balls from the CAD lab. Does that count as poor security?
     

    Extra points if he littered the halls with them. That could be pretty fun to watch @ class change time.



  • @MasterPlanSoftware said:

    Extra points if he littered the halls with them. That could be pretty fun to watch @ class change time.

     

     Nah...we put them in a pillow case and hit things with it. Those mice balls were -hard-! And the only reason he stole them was because the teacher made a specific point of "DON'T STEAL THE MOUSE BALLS!"  He was just begging for it.

     From that point on, all students were required to turn their mice upside-down when they left the lab. Now they've moved onto optical mice.



  • @MasterPlanSoftware said:

    @morbiuswilters said:

    And, yeah, password-protected BIOS isn't easy to change
     

    ORLY?

    Just jump the clear BIOS jumper.

    No more BIOS password!

    EDIT: Nevermind, sorry, only read your first sentence. I will leave it for emphasis though. Just in case anyone (dlikhten) thinks it is useful for security.

     

    No, I wasen't thinking about it completely. If they can't start the comp due to bios password they can just swap mobo which is like 50 bucks. It won't stop anyone from stealing any info from anyone. Also old bios could be reset by pulling the battery, in the days before flash.



  • @dlikhten said:

    No, I wasen't thinking about it completely. If they can't start the comp due to bios password they can just swap mobo which is like 50 bucks. It won't stop anyone from stealing any info from anyone. Also old bios could be reset by pulling the battery, in the days before flash.
     

    Again, there is a jumper on most mobo's for this purpose. So there is no thinking involved on your side. It was just a stupid comment.



  • @morbiuswilters said:

    Deep Freeze is like an "in-place" disk image utility. The whole idea is that it is very easy to use. After installing it, you can install anything you want. Once you want to "freeze" the disk, you type in the admin password and then reboot. The reboot is required to lock the freeze into place. I don't think DF makes a complete mirror of the disk, either (I'm not very familiar with its inner workings) but just keeps track of changes separately. So when you restart a machine that is frozen it will return to it's last state very quickly without having to copy the image back over the disk. If you need to install new software, you enter the admin password and unfreeze the system and reboot. The reboots must be because DF seems to use some kind of virtual disk driver to keep writes away from the frozen image.
    It works by intercepting all file I/O. Any time something writes to a file it creates a temporary copy and directs all further access to that copy. On reboot the copies get cleared out and the originals are untouched.

    I always did want to see if I could crash it by opening a ton of files (filling up the disk with copies), or opening the temporary copies themselves, or accessing the raw disk. Hm.



  • @lolwtf said:

    It works by intercepting all file I/O. Any time something writes to a file it creates a temporary copy and directs all further access to that copy. On reboot the copies get cleared out and the originals are untouched.

    I always did want to see if I could crash it by opening a ton of files (filling up the disk with copies), or opening the temporary copies themselves, or accessing the raw disk. Hm.

    Yeah, that's what I figured given that rebooting would start you with a clean copy instantly.  You probably can't crash DF by making tons of copies, it's just going to be the same thing as if you filled up a regular disk with files.  I don't think even if you could open the temp copies (not sure if you can or not) it would crash the program since you would just be modifying the files again.  And you can't do raw disk access without a kernel mode driver. 



  • On the contrary, Hex Workshop does it just fine without a driver. I used it in Windows 3.1 to fix the filesystem when a dumb program created a filename with a space in it, but it still works on XP.



  •  At my uni we have to use a proxy server for all internet access, and only http.

    This made it difficult when we had a project that was an online gaming platform.  We decided to make the server pretend to be a web server using http even though it didn't really server web pages.  Even with that restriction solved it was hard to get a server that we could access locally from within the uni (so we didn't need to pay an extortionate amount to download our large test files from our own project server) and also have anyone be able to access it from outside.

     

    Also our desktop wallpaper is locked down to a mandated uni image (which one year was based on a garish orange).  Can't even change it through mspaint or a web browser.

    One year they made a typo in setting the homepage for everyone's profile, so instead of all browsers initially loading the uni website, it displayed a 'server not found' error.  Since instead of a double letter in the uni name, they'd used a triple lettter.  (yes, like that)


  • Garbage Person

    @KenW said:

    @MasterPlanSoftware said:

    How the fuck is password protecting the BIOS going to prevent someone from stealing the computer?
     

    You obviously need to buy a new computer. The latest BIOSes, when you password protect them, make the computer weigh over 200 pounds, therefore preventing theft (unless the thief knows ahead of time and brings a forklift or something). 

    Reall, MPS! Get with the times! 

    200lbs computer? Forklift? Nancies. For the record, the most I've ever seen a human-height stacked shipping pallet of computers weigh is 1600lbs. Some of those individual units DID weigh 200lbs. Most pallets weigh in around 600.



  • @Eternal Density said:

     At my uni we have to use a proxy server for all internet access, and only http.

    This made it difficult when we had a project that was an online gaming platform.  We decided to make the server pretend to be a web server using http even though it didn't really server web pages.  Even with that restriction solved it was hard to get a server that we could access locally from within the uni (so we didn't need to pay an extortionate amount to download our large test files from our own project server) and also have anyone be able to access it from outside.

     

    Also our desktop wallpaper is locked down to a mandated uni image (which one year was based on a garish orange).  Can't even change it through mspaint or a web browser.

    One year they made a typo in setting the homepage for everyone's profile, so instead of all browsers initially loading the uni website, it displayed a 'server not found' error.  Since instead of a double letter in the uni name, they'd used a triple lettter.  (yes, like that)

    Ouch. My local college has basically no restrictions except the wallpaper (not sure if they meant to do this or not, the option just isn't there, or I can't find it), and nobody gives a fuck that I got around it. The idea being when you're in college you should be smart enough not to look at porn (and those around you should be mature enough not to care if you accidentally find some) and the antivirus programs will make sure no naughty websites break anything. How well this policy actually works, I don't know. I was only there briefly and the machines were all brand new. But combine it with something like Deep Freeze (which I think they actually might have had) or a similar program and I imagine it'd work pretty well.



    (Too bad they used Vista. :()



  • @Spectre said:

    @AbbydonKrafts said:
    My high school (1993-1996) only had one programming class, and it was for PASCAL in DOS.

    Yeah, we also had Turbo Pascal. Except it was 2002.

    Sometimes I wonder if they still teach that.

     

     

    yes, they do.

    i started high school in 2004. First two years we had PASCAL, then we 'upgraded' to Object Pascal (Delphi).

    ...but it could've been worse, at least it was not Java :-P 



  • @SEMI-HYBRID code said:

    i started high school in 2004. First two years we had PASCAL, then we 'upgraded' to Object Pascal (Delphi).

    ...but it could've been worse, at least it was not Java :-P 

    At least there are tons of job listings for Java. I rarely see anything for Pascal. There may be a few for Delphi every now and then.



  • @AbbydonKrafts said:

    At least there are tons of job listings for Java. I rarely see anything for Pascal. There may be a few for Delphi every now and then.

     

    here in Slovakia there's quite enough job listings for Delphi.  anyways, making language wanted doesn't make it good ;-)

    (and offcourse that great deal of deciding whether language is good or bad is on personal preferences of programmer.)



  • @AbbydonKrafts said:

    @SEMI-HYBRID code said:

    i started high school in 2004. First two years we had PASCAL, then we 'upgraded' to Object Pascal (Delphi).

    ...but it could've been worse, at least it was not Java :-P 

    At least there are tons of job listings for Java. I rarely see anything for Pascal. There may be a few for Delphi every now and then.

     

    Great.  Let's start another one of these debates!  Can we just create one thread to have all these holy war arguments in?    Think of the Balkanization!  Everything would be so fragmented in different dimensions and alliances would shift constantly:

    I totally agreed with your post on Vista, bstorer, until you got into that rant about C++.  Now I hate you.



  • @LieutenantFrost said:

    @MasterPlanSoftware said:

    Extra points if he littered the halls with them. That could be pretty fun to watch @ class change time.

     

     Nah...we put them in a pillow case and hit things with it. Those mice balls were -hard-! And the only reason he stole them was because the teacher made a specific point of "DON'T STEAL THE MOUSE BALLS!"  He was just begging for it.

     From that point on, all students were required to turn their mice upside-down when they left the lab. Now they've moved onto optical mice.

    Back when I was in high school someone used to go around and steal the little bezels that hold the mouse ball in place - then they started drilling holes in it and putting in a hex screw to keep it from being removed (also preventing the damn thing from being cleaned).



  •  This wasn't technically in high school, it was in a community college - but I went to the comm. college instead of my senior year, so it's similar.

     In high school there weren't many WTFs, aside from it being 1996 and our only programming course being Basic on Apple IIs. If you were lucky you got a IIgs. A good part of the course was instructing which order to turn the computer and monitor on and off... Oh, that and their paying $300 for sub-VGA RGB monitors to replace the Apple II ones that died. Anyway...

     My community college was awesome, and their security wasn't awful. Everything ran win95, and they had your standard kinda lockdown app which prevented access to command.com, the 'run' option, and any applications other than a couple of word processors or whatever and Netscape (ahh, those were the days).

     They did not, however, lock down Netscape from inside. And netscape, at the time, let you pick an outside application to execute when you ran, say, telnet://.

     It wouldn't let you pick command.com (not sure why, maybe it didn't allow .com executables or something), but you *could* run qbasic.exe. So, I set telnet to execute qbasic, and made a one line program in qbasic: SHELL. Voila - dos shell.

    This was mainly useful to do just because. I remember that I spent a little extra time (I was only taking a couple of classes but was stuck there for large chunks of time due to bus schedules) modifying the autoexec.bat to scroll by a bunch of ASCII art saying, "Improve your security! Improve your security!"

     My favorite memory of all of this is when I was in the 'media lab' where they had machines running Photoshop. Naturally, I wanted a copy, but being broke and 16 that wasn't happening. So, with my crafty hax0ring skills, I was able to jump into DOS on a media machine, zip up Photoshop to big (1.4meg!) split files, and copy it over to about 10 floppies.  (Don't come get me, BSA. I am telling the truth when I say that, as a 16 year old with no job, I did not cost Adobe money when I copied their $600 app!)

     That's neither here nor there; the fun part was that the school security guy was sitting in the row in front of me while I was doing the copying, and I struck up a conversation about the security system, asking if it would be possible for anyone to steal software off their machines (disk swap) ... "Oh, no, of course not!" (disk swap) ...



  • @PeriSoft said:

    Don't come get me, BSA. I am telling the truth when I say that, as a 16 year old with no job, I did not cost Adobe money when I copied their $600 app!

    The commenters over at ZDNet have a hard time understanding that concept. I gave up because they were really starting to piss me off.



  • @AbbydonKrafts said:

    @PeriSoft said:
    Don't come get me, BSA. I am telling the truth when I say that, as a 16 year old with no job, I did not cost Adobe money when I copied their $600 app!

    The commenters over at ZDNet have a hard time understanding that concept. I gave up because they were really starting to piss me off.

    I'm always surprised when software developers themselves support piracy.  Of course not paying Adobe for their app is costing them money.  It's a potential sale and you are getting the benefit of their program without giving them any money in exchange.  Also, as a 16 year old, PeriSoft arguably could have done some odd-jobs and made the cash to buy the software legally.  I'm also going to assume that he wasn't destitute and spent plenty of money on movies, fast food and (if he's anything like most HS students) weed.  I pirated plenty of software when I was younger but I never tried to pretend it wasn't theft.

    How would you like it if you developed a small application and Adobe used it for free and claimed "well, we went a little over-budget this month so we really can't afford to pay for your software, but since we can't afford it it's not like you're losing any money!"  Or if your employer said "well, those new triple 30" flat-screens for the executives really used up our budget for this quarter, so we're not gonna be able to pay your full salary the next 2 months."  Personally, if I was in charge of a large software publisher, I would probably look the other way at small piracy like this because there's no money to be made in going after kids and it does get them using your software at a younger age which can sell more copies when they grow up and move into the workforce.  Even then, it's still theft, just the sort that is too bothersome to prevent.



  • @morbiuswilters said:

    Piracy Rant

     

    Amen brother! Same thing for digital music BTW.



  • @MasterPlanSoftware said:

    Amen brother! Same thing for digital music BTW.

    I agree.  I still download the occassional song, movie or TV episode illegally, but it's either because 1) I'm not sure I will like it or 2) there is no media currently available for me to legally buy.  I buy all my music on CD because I want the freedom to encode it into any format, but I don't re-distribute to just anybody.  I think sending a specific MP3 or two to friends is alright because I'm just trying to introduce them to the artist and if they like it I encourage them to buy the full album.  Sometimes you can't foreign shows on DVD in America and I don't have cable so if I want to watch the latest South Park I have to download it, but I always end up buying it when it comes out on DVD.  Besides, the SP creators said they want people to download their content off the Internet and have actually convinced Comedy Central to put the whole SP catalog online for free because they were tired of downloading their own show illegally.  I don't like DRM because it restricts what I can do and I think it only punishes people who actually pay for content.  Still, I think the pro-piracy arguments are generally idiotic and self-serving. 



  • @morbiuswilters said:

    I agree.  I still download the occassional song, movie or TV episode illegally
     

    Yep. I am not even saying I don't (probably) break the law in regards to this every now and then, But my CD/DVD collections grow every day. I would never dream of DLing a movie and thinking "Wow that was great" and then not going to buy it... I actually think for me, digital media has vastly increased my spending. I have a lot of CDs I only bought (expecially recently) because I was able to listen to the MP3 first.

    And besides that, with anything I do that could be considered illegal in this regard, I just flat out admit it. Nobody is being fooled by any of this crap. Sharing over P2P and dling vast music libraries that you never pay for is not legal. Don't go around pretending it is. Either stop it, or be proud of being a theif. Don't go living a lie. Wow... how deep!



  • @MasterPlanSoftware said:

    Either stop it, or be proud of being a theif. Don't go living a lie. Wow... how deep!
     

    I must say I'm proud of having 80GBs of music on my HD then.- 



  • @lolwtf said:

    Ouch. My local college has basically no restrictions except the wallpaper (not sure if they meant to do this or not, the option just isn't there, or I can't find it), and nobody gives a fuck that I got around it. The idea being when you're in college you should be smart enough not to look at porn (and those around you should be mature enough not to care if you accidentally find some) and the antivirus programs will make sure no naughty websites break anything. How well this policy actually works, I don't know. I was only there briefly and the machines were all brand new. But combine it with something like Deep Freeze (which I think they actually might have had) or a similar program and I imagine it'd work pretty well.


    (Too bad they used Vista. :()

    Fortunately they haven't downgraded to Vista yet... probably couldn't handle it.  You need to go upstairs for computers with semi-decent graphics cards, and a few times all the upstairs computers decided not to handle USB flash drives (dunno why).

    Took them forever to upgrade from Visual Studio 03 to 05.  Oh, and one computer on which we had to do some performance testing related to network transfer rates had an unupdated antivirus program with a daylight savings related bug that caused it to constantly check for updates and utilise 100% CPU until a few of us who knew what we were doing found it could be stopped with "net stop blah".
    Oh, and some of the machines had Deep Freeze as well, though I never knew which.

    One of the fun things was that games were forbidden, and the first couple of lab sessions for Games Programming Techniques consisted of "play lots of different online flash games".  And I spent a whole year working on an online gaming platform project... (actually, we had our own private computer lab to work in which was why we could play (our own) games without trouble... and play music.  One night we stayed really late so we had it up fairly loud... so I guess it wasn't so bad after all :D )

     

    Oh, I should point out that there was no way to change users without rebooting first.  And there was the occasional computer which couldn't find the domain or had a whistling monitor so there was a bit of shuffling before everyone had a working computer...



  • @morbiuswilters said:

    I still download the occassional song, movie or TV episode illegally, but it's either because 1) I'm not sure I will like it

    So that's 3 people that basically disagreed with me, but didn't see the comments made on ZDNet. I went on there to explain that it should be purchased or deleted. In the case of a teenager, I said that it would be purchased when the money is available, but the exposure early on gains experience.



    At any rate, I'm not getting into it right now because my full explanation is too lengthy. Eventually I'll write a blog post to cover the topic so I can link and be done with it.

    @morbiuswilters said:

    Still, I think the pro-piracy arguments are generally idiotic and self-serving.

    But you just said you pirate and gave an argument as to why. shrug



  • @morbiuswilters said:

    I'm always surprised when software developers themselves support piracy.  Of course not paying Adobe for their app is costing them money.  It's a potential sale and you are getting the benefit of their program without giving them any money in exchange.  Also, as a 16 year old, PeriSoft arguably could have done some odd-jobs and made the cash to buy the software legally.  I'm also going to assume that he wasn't destitute and spent plenty of money on movies, fast food and (if he's anything like most HS students) weed.  I pirated plenty of software when I was younger but I never tried to pretend it wasn't theft.

    How would you like it if you developed a small application and Adobe used it for free and claimed "well, we went a little over-budget this month so we really can't afford to pay for your software, but since we can't afford it it's not like you're losing any money!"  Or if your employer said "well, those new triple 30" flat-screens for the executives really used up our budget for this quarter, so we're not gonna be able to pay your full salary the next 2 months."  Personally, if I was in charge of a large software publisher, I would probably look the other way at small piracy like this because there's no money to be made in going after kids and it does get them using your software at a younger age which can sell more copies when they grow up and move into the workforce.  Even then, it's still theft, just the sort that is too bothersome to prevent.

    I wish people would stop feeding this BS to the public. If you never intended to buy the software(/music/etc) in the first place, it's not a lost sale. If you pirate it instead of buying it, or if you make money from a pirated copy or distribute it, that's another thing, but when some broke high school student pirates a copy of Photoshop having no prior intentions of actually buying it, and just uses it to doodle and piss around, there's no harm being done. And now that person has experience with Photoshop and maybe recommends it to others, who buy it.



    It's been years since I've bought an album without having "pirated" one or more of the songs on it first. Try before you buy.



  • I sent a few songs to a friend once and she ended up purchasing every album by that artist!  So in that (rare) case it was advertising.  But I certainly wouldn't regularly "share" music, and if I want to buy something it's because I've heard a song on the radio or am already familiar with the artist, so it's not like I need to "try before I buy".  Plus music stores often let you preview things, and artists will often put up some partial tracks on their websites.  So the try before you buy argument really doesn't fly.



  • @lolwtf said:

    It's been years since I've bought an album without having "pirated" one or more of the songs on it first. Try before you buy.

    Heck, I've spent a few of my younger years listening only to free music I could find on the internet. Only after a few friends of mine broke the law did I start buying CDs. But even now (or perhaps especially now with the convenience of Steam) I still buy a PC game more often than I buy an album.



  • @lolwtf said:

    I wish people would stop feeding this BS to the public. If you never intended to buy the software(/music/etc) in the first place, it's not a lost sale.

    That's the most idiotic thing I've ever heard.  Do you actually think about this stuff before you open your mouth?  How can you even rationalize a statement like that?  "If I never meant to buy it, it's okay if I just take it because they wouldn't have had my money anyway."  That's theft, you're just desperately trying to justify your own behavior.  If you read what I wrote, I said I've committed plenty of piracy before and there are many times when I consider it to be a reasonable method of exploring new content.  But I still believe it is theft all the same.



  • @morbiuswilters said:

    SP creators said they want people to download their content off the Internet and have actually convinced Comedy Central to put the whole SP catalog online for free
    I like this point.  I can't feel bad for downloading something that's aired on TV or the internet (legally) or the radio for free.

    @ZippoLag said:

    I must say I'm proud of having 80GBs of music on my HD then.
    Let's see ... 104 GB, 23000 songs.  I admit that I may never listen to it all, but I'm trying darnit!

    I should also point out that I have 250+ CDs, and go see concerts regularly, buy merch, etc.   



  • @belgariontheking said:

    I like this point.  I can't feel bad for downloading something that's aired on TV or the internet (legally) or the radio for free.

    Well, if you buy it legally after trying it out, sure.  Otherwise you are depriving the content creator of advertising revenue, so it's the same thing as not paying them.  I think content creators need to leverage the Internet more intelligently (like the South Park creators who encourage piracy because they believe anything that gets their show viewed sells more DVDs) but that's their decision. 


Log in to reply