And it also allows them to lose many customers when it is discovered that they are doing this.
Thats one of the problems with this sort of copy protection: if you tell customers about it, they then know what to look for if they are planning to pirate it, if you don't tell them it will get discovered (and probably by pirates anyway who will just go and disable it) and you will be considered one of the most evil and unethical companies/programmers ever to write a piece of software.
Everytime a company that has been doing this has been discovered, message boards have been full of reactions such as "I'll never buy anything from them again!" and other such money-losing bad PR. Even the little guys get the same reaction. Recently a program came out for BeOS that would send a piece of email when it was run to the author, and as soon as the problem was reported, sites such as benews.com were full of user comments claiming that nobody would buy anything from the author again as he had lost the communities trust by stealing personal private information. This couldn't have been a reaction to the fear that a mega-corporation was stealing personal information as this was the guy's first piece of software he was selling (I think) and he couldn't have sold more than 100 copies.
All that the emails contained were a number and, IIRC, some information on the computer's hardware. It doesn't matter how innocent the information in the email is. All that needs to be heard is that you are sending email back to the mothership and instantly you have a PR nightmare on your hands. They are cataloging our addresses to sell to spammers! They're invading our privacy, and no matter how small of an invasion it is, it is still an invasion! etc.
So the moral of this story is that any unannounced copy-protection scheme tends to fail in this manner. Admittedly, the backdoor in the shopping cart is MUCH WORSE, especially if an "e-commerce" site is stupid enough to store credit cards on the same server as this script.
Hmm, how about this as a method of copy-protection: why not use meta tags and use the search engines to find people who aren't paying for use of your scripts? Its easy to change the meta tags, but there must be some way to work information based on the serial number or something into the output page and make that information being passed back (such as through a form) critical to the continued operation of the script.
[ Parent ]