13

I'm a PhD student looking at software watermarking techniques and I always get asked 'who uses it?' The answer to which I don't know. There is a large amount of academic work on the subject (most notably from Collberg et al.) but very little indication of it's prevalence in industry. Software watermarking involves embedding a unique identifier into software in order to prove ownership, in a similar way to that of multimedia watermarking. So, maybe programmers here can answer the question: 'who uses software watermarking?'

Jens Bannmann
  • 4,845
  • 5
  • 49
  • 76
James Hamilton
  • 137
  • 1
  • 6
  • I'm curious as to how software watermarking typically works. – Justin L. Jun 30 '10 at 00:01
  • do you actually want names of companies / products? Or a "people that ..." kind of answer? – catchmeifyoutry Jun 30 '10 at 00:25
  • I hate when my programs get wet :) – Dr. belisarius Jun 30 '10 at 00:56
  • @Justin - watermarking software involves embedded some extra information in a program, usually automatically. The simplest example would be declaring a string variable with a copyright notice - that's a simple static watermark. A dynamic watermark would be where code is embedded which generates the watermark while it's running - the program is then examined while running, for example examining values of variables, or the contents of the stack. @catchmeifyoutry no need for company names @belisarius don't drink around your computer :P – James Hamilton Jun 30 '10 at 12:54
  • I'd imagine though that it'd be fairly easy to remove a watermark that simple, if you have the source code anyway? – Justin L. Jun 30 '10 at 19:18
  • Yes, of course. That was just a simple example. Most work looks at augmenting binary, or byte-code programmes rather than source code. I'm looking at Java byte-code watermarking specifically. Most existing algorithms (especially static ones) are susceptible to simple attacks. While stronger algorithms are not always very 'stealthy' - i.e. it's easy to find the watermark code by static\dynamic\statistical analysis of the code. – James Hamilton Jun 30 '10 at 20:32

3 Answers3

4

Thats a very interesting question. I would have up-voted you if I got the permission;-).

I actually wonderred the same question 4 years ago when I was doing my masters on dynamic software watermarks. I heard from some sources that IBM once won a law suit on copyright cases against some company, where software watermark actually got used as a hard evidence. But saidly its merely a heresay as I cannot find any source for that story.

Another case is that a chinese company successfully proved that google china stole their dict data and used in google's chinese PinYin input system. See this

I dont really have an answer to your question. But I believe software watermarks will be recogised as a powerful tool not only in the acdemic world. The reason is with the burst of app store iphone/ipad/android applications, there is real money,lots of money involved in the piracy--anti-piracy battle.

There have been so many cases that people simply download paid apps and reverse engineer them,make minor modifications and then claim copyright and release the apps to make money.

So I will bet a company will be there that speciallises in utilising software watermarks to prove owership, might combind with using obfuscation to make reverser engineering harder.

The market is huge, the problem is getting bigger and the solution has been established (at least in acdemic world) ;-)

It might be time for me to re-read my paper and see what I can do to make some money ;-).

Jason Wang
  • 629
  • 1
  • 8
  • 11
  • 1
    I have the permission so I did up-Voted. Really interesting question! – josecortesp Jun 30 '10 at 02:50
  • Thanks for your answer! Can I see your paper? Is it on the web? – James Hamilton Jun 30 '10 at 12:58
  • @James: My thesis:A Constant Encoding Algorithm Which Tamper-proofs the CT-Watermark can be found here http://www.cs.auckland.ac.nz/~cthombor/Students/lwang/lwangthesis.pdf ;-) – Jason Wang Jun 30 '10 at 21:20
  • The IBM Case is reported and asserted, it is not a hearsay (see my answer below) – Mehdi LAMRANI Jan 26 '17 at 20:02
  • Regarding the Sogou vs. Google Pinyin case, the watermarking was merely coincidental and not really intended as such, as theft proof was based on similarites btw the two dicitionaries (source : http://www.networkworld.com/article/2297573/software/update---google-admits-word-database-came-from-third-party.html) – Mehdi LAMRANI Jan 26 '17 at 20:14
1

The following case is often used as a typical example (Excerpt from the book "Surreptious Software", from Christian Collberg & Jasvir Nagra) :

IBM sued a rival for theft of their PC-AT ROM. They argued that the defendant’s programmers pushed and popped registers in the same order as in the original code, which was essentially a birthmark. They also argued that it would be highly unlikely for two programs to both say push R1; push R2; add when push R2; push R1; add is semantically equivalent

Counsel for IBM Corporation. Software birthmarks. Talk to BCS Technology of Software Protection Special Interest Group. (1985)

Mehdi LAMRANI
  • 11,289
  • 14
  • 88
  • 130
0

Having worked at three completely different places before, I can say that obfuscation is commonly used - all of them do. Watermarking? Well, I'm only hearing of it now.

Anyway, this obviously represents a very small sample size, so I'd like to hear what others have to say too.

bguiz
  • 27,371
  • 47
  • 154
  • 243