How Do You Deal With Pirated Programs At Work?

LoneAdminOK writes "I started working for a small company in the middle of January as their IT Manager. I am the first actual 'IT Guy' that they have had; before me it was someone that performed another job within the company and just handled the IT on the side. The problem that I am running into is that most of the software I am finding on the network and on people's computers isn't owned by the company. The person before me would just get it from 'somewhere' and install it on the computers as needed. This is putting me in a bad position when I have to reinstall the program or find it to install on someone else's computer. Often, I am telling people that we don't have it or we have to buy another license, and they get mad at me because the other guy said that we had it. I can't even tell where the versions of Windows Server that they are running came from. The only one I know is legit is the one that is installed on an HP server with the OEM sticker on it. How have any of you handled a situation like this? I don't install 'borrowed programs' in a production environment because I know that if the BSA got wind of this, it would all fall on me when they stormed in."

Replace with Open Source

[Foofoobar]

Jeff Bezos once said to me 'you can't take something away from someone without giving something back of equivalent value without them being pissed off'. Obviously you have to take the software away but try to give them an open source equivalent for the time being. They may actually even start using it longterm and save the company money from having to purhcase licenses of the other software.

If I need it, I install it

[i_ate_god]

It's not my responsibility. I'm not paid enough to care. If I need software on my computer, and the IT guy gives me that software, then I will install it and use it and not ask questions.

Yes, it's a horrible situation I've faced too

[Anonymous Coward]

1. Grab everything "IT" (install disks, licences, purchase invoices etc.) for hardware and software and get them to a single secure location.

2. Thoroughly audit the whole lot.

3. Refuse point blank to (re-)install stuff you're not sure about. You'd be surprised how much influence you have as the first (only) "real" IT guy.

4. Push FOSS as a solution.

Re:Your choice

[Toreo asesino]

I actually remember being told by management in a much previouser place to hook up our internet to the unsecured cafe wireless below us because no one could work until the ISP reconnected us (didn't pay the bills). They must've got one hell of a shock as 20 or so machines all started connecting out to the mail server through their wireless via one tablet PC dangling down below through an office window via the Ethernet to get the best connection possible.

And yeah, "management" (far too classy a word for these people) knew exactly what they were doing.

Happy days :)

Re:Your choice

[MightyMartian]

Well, I managed to convince my management that OpenOffice was more than adequate for certain departments. We still (sadly) have to use Outlook and Exchange in a number of areas, but I'm already looking at dispensing with that and going with some open source groupware, as well as contact management software. Still, it's a move forward. Right now the phrase "no licensing costs" is like magic.

Re:It doesn't have to be production to be piracy..

[profplump]

I realize that's true from a pure copyright standpoint, but in the real world it's sometimes useful to say, install a copy of a tool for evaluation in your workflow before deciding to spend $600 on a license for that tool.

Or do you know of a merchant that will accept opened software package for return, should I decide that $600 isn't worth the cost for deployment, or doesn't do what I need? Because I'd be happy buy a license if I had the right to terminate the license and return the product for refund, and even to pay some reasonable fee for my trial usage -- I'm just not willing to pay full price with no opportunity for refund for a product that I've never had the opportunity to test. I wouldn't do it for a car or a DVD player and I won't do it for software either.

User Ownership

[SolarStorm]

I ran into this at one company. It caused lots of issues. Managment did agree that they needed to fix the problem and was prepared to start buying licenses, until I came back with a count of what people "needed", and told him the cost. Once he quit clutching his heart, he had a look at the "needed" software list. We then looked at OSS and found that would cover some of our needs and then cut the "needed" list down to the software people required to do their jobs. When I told the employees what was going to happen, they staged a revolt. Talking about the P in PC meaning personal. I thought about that and said "Your right!" So back to the boss. Here was my idea. Charge everyone with doing their job. Take away ALL of their sofware and give everyone a raise to buy their own PC and software, and make every sign the CYA agreement that they are personally responsible for the software on their computer and that at any time the company can invite and external audit. Everyone loved the raise and promptly bought a PC and Licensed versions of their software. This resulted in a direct write off for the company in stead of an amortized one. Because people were spending money on their Own PC many spent extra. so we gained with some having even better hardware and software. Only one person bought the "minimum" to save some cash. The other cool thing was watching people get together to pool their money to purchase things like Symantec Enterprise. One person did quit right away and tried to take their new PC, which they did. However he forgot to read the 6 month clause in actually getting paid for the PC. It might not work for everyone, It took a lot of communication and hard work. In the end when I left, everything other than some music was licensed. (but as an IT guy you can only push so hard)

Re:Same as you deal with pirated music

[Anonymous Coward]

Does that mean it's okay if it's just me, but wrong if my company is doing it?

Small scale non-commercial copying isn't a criminal offense. Using unlicensed software in a business is a criminal offense. Since the law treats the two cases differently, it doesn't seem unreasonable that anyone on slashdot should. Regardless of the ethics, you should take the latter much more seriously if you're in the firing line.

I walked into this

[Capt.DrumkenBum]

same situation two years ago. Last month I cleared out the last of the questionable software. It has taken 2 years, much hard work, and more than a few shouting matches, but we are fully licenced here at last. Much of what I replaced was replaced with OSS.

Since simply licencing everything would have bankrupted the company, and inertia prevents a switch to Linux on the desktop, the bosses want outlook. I got a policy stating that all new laptops would be purchased with a copy of Office.
One day without notice I blocked access to the update server for the pirated antivirus software, and just waited. Two days later there was a panic, and the next day I had a site licence for the antivirus I wanted instead of the crap I was stuck with by the person I replaced.

In a nutshell, here is my advice:
Document everything. What you found, when you found it, and your plan to get rid of it.
Think creatively about ways to get what you want.
Take your time. Cleaning up a mess like this is a long process.

Re:ZOMG

[SatanicPuppy]

Yea, but the resistance you will run against trying to force everyone to use OSS equivalents may end up with an involuntary 3 anyway. Some proprietary software is qualitatively superior, and trying to take away the "better" product and substituting a "worse" product will breed a lot of user anger.

I've been in a lot of situations where it's one way or the other. I worked at a shop where the licenses were really tight, and I installed OO.org for all the people who didn't rate an Office license, and they LOVED me. And when those people moved on, their replacements screamed bloody murder because they wanted Office instead.

I also ran part of a full-blown everything to OSS migration. It was that times about a million, except no-one was happy.

I've had a lot more success converting home users, though there as well there is a lot of pressure to get the semi-legal stuff (I am the keeper of the corporate site licenses, so there is a lot of pressure to slip 'em a key). Once I have conveyed that the "free key" option isn't ever going to be a reality, however, the "free software" thing gains a lot of traction.

In the business world, however, all the employees look at it as "someone else's money."

In a situation where it's this or nothing, anything looks good. If you're taking away what they want to be using, they will make your life a misery, and you're going to have to be ready for that if you push a big OSS replacement.

Piracy in the workplace

[xmod2]

My rule as an IT professional is that if you are making money using the software, you are obligated to reimburse the developer.

I take a more lenient approach for software used for personal training at home for two reasons:

1) Those people tend not to purchase the software and would just not use it as an alternative.
2) Familiarity with the software inspires purchases in a professional environment.

So personal piracy is freeloading with little/no negative effects on the developer. Profiting from software is a removal of a sale from the developer.

I was a big pirate in my youth, though I become the biggest hard ass regarding licensing in the professional sphere. Cover your own ass in an email stating that you won't pirate software without a direct order/authorization from above you. In my experience though, small/medium business owners will tend to be on the 'pro-piracy' side of things, so you may want to update your resume if it's a moral issue to you.

Personally I had pretty good experience just stonewalling them, which caused the staff to put pressure on the higher ups to get licenses purchased. If worse comes to worst, you can always lie and tell them that the license is node locked and calls home.

Re:Your choice

[gmack]

Better yet wait for the next virus hits and then blame it on a lack of security updates caused by all of the pirated windows versions they are running.

Start at the top

[Todd Knarr]

First thing you need to do here is get the CFO and company attorney involved. The CFO because getting all those licenses is going to cost money, the company attorney because lack of licenses is a legal problem for the company. You also want the leverage: the CFO's not going to want to spend that much money if the company doesn't have to, the attorney is someone with authority to tell the CFO that the company does have to if it wants to keep the software available. You might also want to research news reports and have a few articles in hand less than a year old reporting on BSA raids of companies (to help convince the CFO that no, this isn't just a theoretical risk).

Before you go in, look over the F/OSS alternatives to the software in question. Ideally, have a laptop with it installed so you can show the CFO that no, it's not particularly inferior to the pirated commercial software. If he's already used OpenOffice to type up a memo and seen that it's just as easy to use and produces just as good a results as Word, he's going to be less sympathetic to spending lots of money on Word or to risking a BSA raid over it. This tends to look good to CxOs: you're identifying a real problem and presenting them with solutions to it that work while avoiding having to spend heart-attack-inducing amounts of money in the process. You'll still get screams from the users, but it'll go a lot smoother if you've got the executives on your side first.

Re:Your choice

[tverbeek]

I ran into this kind of situation in my first job. When I included a license for WordPerfect on a PO I wrote for a new system, the exec who had to sign off on it crossed that line item out, with the note "We already have this." Fortunately, a short time after I started they hired an IT manager who'd previously worked for a software developer, so I got his support. What we did at first was, rather than trying to bring the whole company into compliance all at once (which would have been a large chunk of money), he insisted on including software with every new hardware purchase, and we got that. In those days software came with manuals, so we were able to use that as a selling point to the execs who didn't grasp licensing or legal vulnerability. The next step was to offer existing users an upgrade to the latest version... which they had to pay for by buying a full license. After a while of this, the cost of fixing all of the remaining unlicensed software got small enough (and the execs had been educated enough) that we got approval to make it all (or at least mostly) legit.

Re:Your choice

[cptdondo]

You make a good point... I guess I would modify the roadmap to include things like:

Option A: Buy license for MS Server, $2K/yr but no disruption
Option B: Obtain and test CentOS + Samba, 2 weeks of my time testing and deploying

That way you give them a choice. People like to choose.

They must

[clawhound]

Above all, your first job is to show how this is THEIR problem. You need to show the management how this issue is THEIR issue, will bite them in the ass, and that their best course of action will be to pony up the money. Politely, of course. You don't need to be an ass. The second thing that you need is an ally. That's your boss. You need his help. You need him working the money/politics side for you. If not him, then you need someone who knows the money politics side. Don't point fingers. Your job is to come in, straighten things out, and bring the shop up to a PROFESSIONAL level. Keep that as your attitude, and make sure that everyone knows it.

Re:Your choice

[xda]

First of all, don't worry about people getting upset with you. All you have to do is locate all the licenses you do have. If your servers pass a WGA check then they are probably ok, but make sure you have a backup system in place in case WGA kills that server.

Next you need to start transitioning people off the illegal software. OSS is a very good choice to implement in office environments.

Don't make a federal case out of it. But don't contribute to the problem either. If you start getting allot of negative feedback you need to simply explain, sans-drama, that the previous IT Admin wasn't keeping track of licensing and even if the software they installed is legit you can't prove it. You can however provide them with software that will meet their needs without costing the company any more money, but they will need to give a tiny bit of cooperation in order to make it happen.

If your superiors give you any trouble about licensing explain to them, again sans-drama, that they can't expect you to break the law on a daily basis as part of your job requirements. DO NOT in any way make any statements like "I have to report this" or "you guys are running illegal software". You don't work for the BSA or anything like that it isn't your responsibility to report anyone.

there is no need to use pirated software GO OPEN SOURCE. I have 3 small businesses all owned by friends that operate entirely on Ubuntu and OpenOffice.org. My mother doesn't get computers at all, she has been using Ubuntu now for about 5 months. I never even showed her how to use it, I keep a PC in my living room for her to use, she just started using it without any help from me at all! Open source software is easier to use than ever before just run with it, it won't let you down.

Re:Your choice

[kilodelta]

You are right on point. Also be aware that the BSA first looks at company financials before they initiate a case against the company.

I had a former employer that played fast and loose with licensing rules. When I left the job I reported it to the BSA. The BSA got back to me and said "Sorry, they don't have deep enough pockets."

Re:Your choice

[BeanThere]

It's also worth pointing out to the higher-ups (I presume one would write up a report) that pirated software can often cause costly problems - torrents of popular software, for example, may come with viruses or back doors embedded (not speaking from personal experience *cough* *cough*). Also it's often harder to get updates for pirated software, leaving you with unfixed bugs or security holes. Sometimes pirated software can unexpectedly cause data corruption problems (3DSMAX is a classic example - random aberrant vertices). I know you can often avoid these issues if you know what you're doing, but there's always an additional cost in the time required to figure that all out etc. Definitely weigh this in, and evaluate OSS wherever it can be used.

Re:Your choice

[Z00L00K]

If you are lucky it's only that, if not you will get all kind of problems. Murphy's law is the most prominent feature in cases like these.

You never know if there is a secondary software that is depending on the product key and will go and die if it's changed.

cya, work with them, or leave

[Anonymous Coward]

It's important to avoid being adversarial, so start by assuming that the previous guy was doing everything on the level.

1. Ask for documentation that supports the fact that you own licenses for all the software you have. (CYA)

2. In the absence of #1, ask someone to state for the record, in writing, that you own licenses for all the software you have. (CYA)

3. If they provide #1 or #2, carry on with business as usual, and buy new stuff as you need it.

4. If they cannot or will not provide #1 or #2, you need to outline what it will take to bring their operation into legal compliance and appeal for funds to do so. If there's no money, that may include removing software or shutting off machines, so work out how that can be done with the least disruption possible.

5. If they have no interest in being in legal compliance, leave.

6. If they fire you for trying to operate legally, sue their asses. (make sure you do all of the above IN WRITING and keep copies in case
you are escorted from the building)

You will earn respect by trying to work with them and their needs, and getting the most use out of what they have while still bringing things into compliance. You will not earn respect by threatening anyone or calling anyone names.

Again, if they're not interested in coming into compliance, you need to find someplace else to work, because they are asking you to break the law.

Re:ask some questions

[Archangel Michael]

"avoid looking like a self-righteous jobsworth."

Um, You must be new around here....

He's posting to "Ask Slashdot" so it can reasonably be assumed he is already a self-righteous jobsworth (whatever that is).

One of the things I don't like about Ask Slashdot, is there is never any "followup". What advice was taken, how it went over and the long term result.

Seriously where is the followup / debriefing?

How can we learn if the questions are never really answered?

devil's advocate

[TheSHAD0W]

I think BSA gives bounties to whistleblowers, and the size varies on how much stolen software they discover... Depending on the size of your company it could run to years worth of salary.

If the company won't correct the problem, and you think the blame will fall on you...

Sounds familiar...

[fprintf]

http://ask.slashdot.org/article.pl?sid=09/02/04/022257 [slashdot.org] is a discussion very recently about software piracy at the Beijing office of a company. While the location is different, the responses are quite similar. Basically, document your actions in writing, and be prepared to leave if the situation doesn't improve.

Re:get shitcanned, its good for character

[Lumpy]

But now you get a recourse. Call the BSA and tip them off on their arse.

Got fired for that? let the BSA assrape the managers and Executives. It's a great tool for all IT workers to get back at scummy companies.

Re:What the hell?

[Lumpy]

No problem it's free for you...

https://reporting.bsa.org/usa/home.aspx?pr=1&CMP=KNC-google&HBX_PK=BSA&HBX_OU=50 [bsa.org]

go there to download a copy. I dont think they will have any back doors or call home software in it.

PS. if you have isos on the server to make your admin life easy... DONT. get all install software OFF the servers. a BSA audit will flag those. And they win in that argument.. you will never win.

my successful approach

[itzdandy]

I came into a job where the previous guy had installed upwards of 300 copies of MS Office 2000 Pro and a number of other programs such as terminal emulators.

I went to the management with this and got pretty much nowhere. I did win on the fact that I would not under any circumstances install software without a license so I have a solution moving forward.

For all those machine without proper licenses I went to the software company and explained the issue and that I would like to bring the company into compliance if they would be willing to give me their discounted upgrade rate. I replaced all of the Office 2000 installs with open office and got the vendor of a terminal emulator to make me a good deal.

We are now 100% compliant and migrating towards more open source software.

I wish that there were direct OSS replacements for everything I run but there are not. I need perfect VT400 emulation and I have not found an OSS that does that. Putty is about 95% but that other 5% doesnt allow me to have the proper keys mapped to the proper location.

Good luck and be on Buddha's side. Stick to your principals.

Re:Same as you deal with pirated music

[99BottlesOfBeerInMyF]

I'm bound to get modded a troll or flamebait or off-topic or something for this, but how is this different from pirating music?

Interestingly, one difference is this is commercial copyright infringement instead of noncommercial. Up until we had crazy laws passed in the 70's, this would have been illegal whereas downloading songs for personal use would not have been.

/. group-think says it's not theft and trots out a whole bunch of other self-justification about the evil RIAA and so forth, because you're "not depriving anyone of something physical", etc. It's the same, right?

Well, since you used "groupthink" in your post, you're probably a troll. That said, neither is stealing, both are copyright infringement. Interestingly, depending on the software in use and the songs in question, some people justify it based upon whether or not the copyright holder is a criminal cartel or trust convicted of abuse and which donates lots of money to politicians in order to influence our laws. I'm not saying the actions of infringers are just any more than I'm saying the actions of the criminal trusts are. I'm just pointing out that there are differences.

Is it different in this case because it's a small company doing it rather than a whole bunch of individuals? Does that mean it's okay if it's just me, but wrong if my company is doing it?

To some degree, yes. Part of copyright law is supposed to include the affect upon the market and commercial (a small company using it to profit) versus noncommercial (just you for private use) is a real difference and used to be a legal difference.

Re:get shitcanned, its good for character

[gad_zuki!]

Obviously you have no experience with the BSA, not to mention your casual use of the word rape is offensive. The BSA wont do 'revenge' for just anyone, and certainly not the guy in this scenario.

In reality the BSA doesnt care about some small company thats using its photoshop license two or three times or that it has two windows 2003 servers it didnt pay for. They want big shops with big roll-outs who, regardless of due dilligence, missed a license or two. These are big wins for them because of PR and awarded damages.

Small company with some shenanigans? Thats common and you'll be ignored. A multi-billion dollar international corp, yes, then they might come calling. Of course at that point you wont be anonymous anymore. You'll be implicated immediately (gee, who else would have called, the old sys admin we just fired?) and you'll probably have trouble finding a job afterwards. Heck, you'll probably be blamed for some of it too! Get a lawyer.

Re:get shitcanned, its good for character

[citylivin]

You have obviously never gone hungry.

Pirated software, especially in smaller companies is no big deal. If your not in the USA, you don't have to worry about shit like the BSA. People here are quite over reacting. If people had "pirated" mp3s, would you report them to the RIAA (or country specific equivilant)?

I doubt it.

Re:Your choice

[mapsjanhere]

looks pretty much like my experience, took me years to get the value of compliance into the business people. What is much harder so is keeping the employees from clamoring for all the "free" software from the internet. They just don't want to see that just because the download is free you cannot ignore the license terms (the usual "free for non-commercial use"). But after making the first guy pay for his own license when he just couldn't live without a program he liked (and for which a paid equivalent was installed) people are reevaluating how much they realllllly need their individual programs.

Re:Your choice

[jftitan]

isn't that the most saddening thought.

    By saying the boss would be unnerved by the fact that someone within the company is doing his/her job, and doing it correctly and to the T.

    You are right though. The boss would feel threatened that someone within the company is willing to go so far as to note and write everything down. I too did the same thing. My boss was all over my back about making sure I put everything in writing.

    But even that doesn't change the fact. Once everything is written down, you can be canned, then the next person can take what you've started, and take full credit/credibility for all the hard work.

    All because your attitude was too intimidating for them. I've been in this same situation before. My end result was exactly that. I brought up all the issues I found about the company, and provided solutions in my reports. Instead of being greeted and treated with respect I was laughed at, and then given hell. When I started to make sure the ball was rolling to cover my ass. I was let go.

    As for the aftermath, I found out later that they indeed took what I had written down to be policy and effectively implemented everything I was trying to do. Difference. I didn't bring the right attitude. I wasn't willing to take blame for the higher ups' mistakes if things did fail. I mean, why should I take blame for failed compliance because management refused to follow the law even when I was attempting to correct the mistakes. I was given hell, and the next guy took credit for my ideas after I left.

oh well.

Re:get shitcanned, its good for character

[aztracker1]

This comment seems to be from someone without a family to support. In any case it is a huge ethical question... I generally use free (gratis & foss) wherever possible... I've bought quite a few programs over the years (including windows, via msdn no less).

I just don't get, with all the options available, including Linux/BSD/OpenSolaris, why anyone would run pirated software. It's not like OEM windows is so extremely expensive even.

Re:Your choice

[v1]

I've been asked from time to time to install unlicensed software, and a couple times been asked to go out to a customer and assist them with installing cracked copies of software.

I just hold my ground on it, and so far that's been sufficient. If they don't want it that badly, it doesn't happen. If they DO want it badly enough, they do it themselves. Either way I am just going to be responsible for myself. If the BSA wants to stop in and ruin someone's day, it's not my day they'll be ruining. If someone else wants to hang their neck out like that, that's their problem and their consequence.

Sounds like you have a bigger problem where some PHB is telling you to "just do it". I don't even think getting it in writing will sufficiently "CYA". If he writes you a note demanding you go rob a bank, that doesn't mean you're OK to do it just because you got it in writing. Notes from Mom don't absolve you from criminal activity, I sure wouldn't bet my continued state of freedom on that.

If one of the other employees at your place, or other management in a parallel position where they have no direct authority over you is requesting it, be straight, honest, and helpful. "We don't have any available licenses for that installation. Please submit a request to IT or have your department purchase a license and I will install it for you. If you'd like I can email you some links to places where you can purchase it so you know what flavor you need and get a decent deal. If you request IT to install it, the cost of the software will be coming out of your department's budget. I also can suggest some free software alternatives if you're willing to try them. And before you ask, we cannot install software here you have brought from home."

It helps if you already have a good grip on your license deployment. I try to do that when I can. Get a database together with lists of software, activation codes, and have the list include any unused available licenses. It saves a lot of grief later if someone says install xxx there we still have a few installs of the bulk license available somewhere, to be able to actually list where all 10 of the licenses are installed, and to then offer the option of removing it from one of them to free it up. Very often when someone is "liberal" with installations, stuff gets installed places it doesn't need to be. You'd be surprised how many licenses you actually have to work with when you factor in the ability to get things off machines that don't need it. (does Bob REALLY need Access on BOTH of his desktop machines? Whose idea was it to install Cadd on the machine in the break room??)

Re:Your choice

[c_g_hills]

Perhaps it is different with Server 2008 but with 2003 you cannot simply swap the license key for an OEM server key to a volume licensing key. You have to do an "upgrade" with the corp media. This is a problem when you want to migrate a physical server to a virtual one running on a different host, since OEM-licensed Microsoft server OSs are only allowed to run on the metal the license was purchased with. Silly!

Re:How we deal with pirated programs?

[Anonymous Coward]

70-80% of keygens are false positives on many antivirus programs, AVG being one of the worst. Are you really sure they're viruses?

Re:Here's what you do

[Spazmania]

This attitute could cost you boatloads of cash should the BSA audit.

That threat only really works against large companies and government agencies operating on a large-scale licensing agreement. In a small company, you basically tell the BSA that you respectfully decline their invitation to audit your systems. If they ever try to, which they don't.

Of course, if you're dumb enough to invite the BSA to audit your systems then you get what you deserve.

Re:devil's advocate

[pi_3]

I highly doubt this, unless they have changed their policies. Several years ago I was put in charge of license compliance at a software development firm. We were easily short about $200,000 worth of software licenses - and that was just with Microsoft, Adobe, and Macromedia. After not getting anywhere with the higher-ups, I sent an email to BSA asking them what to do, stating that I feared I would loose my job if I reported them, but at the same time knew we were grossly out of compliance. No reply other than an auto-responder.

Re:How we deal with pirated programs?

[Antidamage]

A lot of the keygens are marked as malware regardless of the actual presence of malware. People need to stop writing cute little custom text display apps and just use flash apps for keygens. Goodbye malicious false positives.

Re:devil's advocate

[Gr8Apes]

First, queue up a couple of stories on how the BSA destroyed various companies and present to the boss(es) how you'd like to avoid that, especially if some folks have left recently.

Second - show that their fileservers can easily be converted to linux boxes (no license fees)

Third, depending on the size of your company, buy a MS tech kit license (whatever that thing is) You get a full suite of small business server software and 10 CALs plus 10 licenses for all other programs. It's for evaluation purposes, which you might be able to claim since you don't have legal software. It will at least get you semi-legal until you can fix them with cash or FOSS. Which is what we did. Go all Linux/OSX and free yourself from worry about it.

Re:How we deal with pirated programs?

[fractoid]

As a consultant over the years for companies and individuals, I have definitely made the most money supporting windows systems. What does that say?

It says that 90% of the market uses Windows. If you're making more than 10% of your dough from Mac-using companies then either you're self selecting them or macs require more support. :P

(Of course it works the other way too, I've never made a cent from Mac users because I've never worked at a company that used them.)

Re:How we deal with pirated programs?

[julesh]

That's why I run the keygens on somebody else's computer.

This is marked as funny, but I have a VMware instance with no network connections and no permanent storage set up for just this kind of purpose.