Anti-Malware.ru asks questions to Alexander Zatsepin, CTO at StarForce and Natalia Yashenkova, Head of Marketing and PR at StarForce. This interview continues cycle of publications titled “Persons of the Industry”.
At the end of the year it’s time to summarize. Was there anything special about security industry in 2013? What bright events or news can you recall? What trends do you think has become apparent and will influence the industry in 2014?
Alexander: The past year was full of the events and news that affected on our industry in a varying degree. First of all, it was Edward Snowden, who raised a specific issue about information privacy at all levels from a government to a man in the street. A certain resonance was caused by the closure of Lavabit email service used by Snowden for correspondence. The founder of the service refused to give the encryption key to the U.S. Government. With this key they could access all the users’ emails. So they made him close the service.
The fact that the Internet has lost its anonymity is not a new one. But until recently it was difficult to imagine that someone monitors all the information flows for own purposes. That is why in 2013 the question about corporate and private data protection came up so critical. By the way, all the experts marked a sharp jump in the market of data leakage prevention systems (DLP) last year.
Natalia: Although many companies still choose between working in the cloud and working with the programs located on the servers in their offices, the main trend that appeared last year was the system approach to the enterprise security. There are two directions of eDocument control: inside the office (perimeter) and outside the perimeter, e.g. partner price lists, reports, new product designs, etc. can be mailed or saved on a flash drive. And if the protection mechanisms of eDocument inside the local network has clearly been defined by now, then the protection systems against unauthorized access, copying and distribution of files outside of the enterprise is actively developing, acquiring its form and content.
Another event that should be mentioned here is the tightening of the law on copyright protection. Among the users, it sparked a wave of negativity, as people are used to get free content in many countries. However, revenue loss for the publishers transforms into a low quality product further and further downward. Therefore, we believe that this change is for the better and are ready to provide all assistance to the copyright holders for content protection and software protection.
How old is StarForce? What are the results of your activities at the beginning of 2014?
Alexander: StarForce Technologies (StarForce trademark) was officially established in 2000. But the development of the solution had been started two years before that, so we can say that StarForce products have existed for 15 years on the market. And the key to this long-term success is continuous improvement and updating. Changes in the structure of the company's profits became clear to us several years ago: there was a reduction in demand for our "traditional" software protection products with binding to disks or PCs. But thanks to the well-planned product policy, the reduction of income in this area plays no part, because the solutions for protection of eDocument and software via the Internet are steadily gaining a momentum. For example, StarForce Content's demand (www.sfcontent.com) was increased by half by last year. It’s allowing the company to have the actively growth and development for now.
What is copy protection? How does it work?
Alexander: The main idea is simple. You need to find an object that has two properties: the first, each end user should have it, and the second, it should be difficult to duplicate it. Usually such an object is called a binding object, because it is used to bind an e-document or a program to a definite end-user. In StarForce's solutions we offer to use for binding optical disks, PCs as well as local or remote servers. The aim of copy protection developer is to make a protected program or a document unusable without the verification of the selected binding object and it should be difficult to overcome this protection - to crack the protection system using analysis and reverse engineering.
What are technical aspects of binding to different objects? What are their benefits for publishers and end users?
Alexander: An optical disk was historically the first object of binding that our company used. Now the disk binding together with software distribution on optical disks are receding into the past, but several years ago this technology dominated. Before the Internet era, the disk binding was the only one adequate method for the identifying of low-cost software legal copies. This method was very convenient for publishers, but end users were dissatisfied, because every time they wanted to launch a protected app they had to insert the disk into the drive. In addition, the users had to refer to the publisher to launch the app in case of loss or damage of the protected disk.
Fortunately, the Internet has allowed us to develop more user-friendly technologies, one of which is a binding to a PC. This technology is based on the following: an end user gets a Serial Number with his software or e-document copy. A Serial Number acts as a unique identifier of the publisher’s license. When an end-user launches the protected program or document for the first time, he or she enters a Serial Number the protection system initiates a specific sequence of actions. At first, the protection system collects the information about the PC’s hardware parameters. This information is stored on the PC as a hardware profile of which hash function is calculated. This data with the Serial Number are transmitted to StarForce server where the Serial Number is being verified. In the simplest case, the server checks if there is such Serial Number in the database and its activation status. If the validation is successful the user gets an activation key, which contains the hardware profile signature. The activation key is saved on the user's computer. After that the activation is completed. And every time user runs the app or opens the document, the protection system compares hardware profile with the real hardware parameters (small deviations are allowed) as well as with the activation key. If the validation succeeds, you are allowed to run the app or open the document.
To compare with the disc binding the PC binding method is less convenient for publisher because of the necessity of Serial Numbers delivery. They have to supply every product copy with a unique Serial Number. It is not complicated for online distribution, but it's difficult when disks are used for the product distribution. The PC binding is much more convenient for end users, because he or she totally ceases to notice the existence of copy protection after activation. The activation is automatic with the Internet connection or manually (e.g. via SMS) if the Internet is not available. The only one inconvenience comes to the user if he wants to change his computer. The problem is that the publisher defines the rules of the activation for his product. Usually publishers give several activations with a single Serial Number but not many. For changing it they can use the following options: to edit a Serial Number, to order the automatic recovery of activations after a certain time or give permission for Serial Number deactivation to activate it on some other computer.
Binding to a server allows to forget about the weaknesses of the previous method, but it requires the constant Internet connection on a user's PC. This binding method also involves the use of Serial Numbers for end users identification. When you run an app or open a document the protection system asks StarForce server for permission. If other servers or workstations haven’t send such requests for some time (protection against leakage of Serial Number in the Internet), then StarForce server gives that permission. This approach allows a user to run protected apps, read protected documents on different PCs, and care only about saving of his Serial Number. This binding method allows you to protect business apps, where you manage not the rights of individual users, but only the total number of the licenses.
As we can see, the increasing of Internet penetration allows us to switch to the binding technologies that make copy protection mechanisms less burdensome for end users. At that, protection system core undergoes minor changes. That makes it impossible to run app or open e-Document without validation and provides protection resistance against cracking.
So, we can say that all the StarForce solutions and products are based on a single core?
Alexander: If we consider the similar products, such as the line of the copy protection solutions, then this is the case. The development of new technologies requires large resources, so the solution architecture is designed in such a way that within the same product line should be a single core that is updated with a new product introduction. However, in the different product lines such, as the solutions for code protection against analysis and reverse engineering and email security, different technologies and respectively different cores are used.
Tell us more about the company's most promising product lines.
Natalia: It is well-known that StarForce has made its name in PC game segment. The world record held by StarForce is Splinter Cell: Chaos Theory, AAA-class game published by Ubisoft, that resisted to hacking for 422 days. Today PC games on CDs are fading, while online games or MMOG are coming to the top of the market. They also need protection, but not against coping and illegal distribution, but against bots and cheats. Why do gamers use bots? To get needed points (money, vital energy, mana, etc.) in online games you should complete some simple tasks for example to collect resources. Bots can make it for you in automatic mode. On the one hand, it is great for gamers because they do not spend their time for repetitive operations, but on the other hand, it is a fraud and revenue loss for game producers, as almost all the game resources can be bought for real money. Cheats are the programs that can improve the player's position without any game actions. It is a fraud and should be severely punished, because it casts doubt on any progress in the game. If to compare games on CDs and MMOG, the protection for the last one is an ongoing process, because the search, neutralize and prevent the emergence of new bots and cheats is proceeding on a regular basis. It is very similar to anti-virus. And it requires a certain amount of the resources and skills that our company possesses in abundance. Therefore, StarForce MMOG is considered to be one of the most promising products. In addition, we should include here the mentioned above services for online protection of the different types of content and software, as well as corporate products that help to protect sensitive documents outside the perimeter of the corporate information system.
What regions do you focus on?
Natalia: Our headquarters is in Russia but we have subsidiaries in France and USA. Also our partner network is rather wide. And our position is very good because we offer the combination of high-level protection (hacking proof level) and democratic prices that attracts new clients. Our users live on the five continents and the number of the sold worldwide licenses is nears 65 million.
Are you planning to develop Software as a Service (SaaS) in 2014? What is the target audience for it?
Alexander: Our first steps in this direction were made in 2009: we developed a platform that allowed us to provide software protection services via the Internet for our В2В customers. At the beginning of 2014 we launched a SaaS that is focused on individuals and small companies. SFContent.com allows to protect e-documents of different file formats: PDF, DOC, DOCX, RTF, JPG/JPEG, PNG, and GIF. When protecting the document, the user defines the expiration date and the regions where the document can be used and can restrict the printing option. The service protects confidential files against unauthorized opening and copying, that includes even blocking of the Print Screen function. The second project we are going to launch this year is a protected e-mail service. It provides secure delivery of messages and attachments to a recipient. With this service the sender can be sure that his letter will not be forwarded to the third parties. Our aim is to make our users happy with the new services, so we are coming to their implementation in dead earnest: the user interfaces are being developed according to the latest requirements of usability. Serviceability of our web sites is provided by the servers located in several countries.
What are the other changes the company expects in 2014?
Natalia: Currently, the task is to transform the StarForce's image from a developer of game protection solutions into a provider of multifunctional solutions for information security. We own unique technologies and earned appropriate knowledge and experience and it helps us to move in the right direction, which as we expect will yield gains in the near future.
About StarForce Technologies
StarForce Technologies (www.star-force.com) is a leading vendor of information protection, copy protection and code obfuscation solutions for software, electronic content and audio/video files. Since 2000, StarForce has been successfully developing and implementing its state-of-the-art security solutions, providing copyright and intellectual property protection worldwide. Two of these solutions were transformed into StarForce cloud services: sfcontent.com protects e-Documents against illegal copying and distribution and sfletter.com secures emails.
StarForce is a reliable and responsible Technological Partner for enterprises potentially incurring losses due to cyber-gangs, hackers, software piracy, unauthorized data access and information leaks. StarForce’s customers are Russian Railways, Corel, 1C, Mail.ru, Aeroflot, SUN InBev Russia, AMD Labs, ATC International, MediaHouse, Russobit M, New Disc, Buka, Snowball, 2Play, GFI, CENEGA, Akella, etc.