From here, maybe you already have a clue to where I'm going. If you don't, don't worry, here it comes. Everyone knows that companies see enormous potential in the web as a way to sell things. The sad part is the ways they take to achieve this. They want to know more about you, the customer, so they could better target your liking in their advertising. And as long as they don't get caught, any way is good to collect data. This is life, as we know it in North America today.
The catch is, these companies are customers too, from a shareware author's point of view, so their logic can be applied against them, but with a sense of ethics. What I have in mind is a derivation of the "com-ware" model. The software remains free for personal use, but commercial use is charged. Upon the trial-period expiration, the installed software could "phone home" and send the DNS suffix of the machine (which you could get by doing a "ping -a" with the IP of the host). I insist that no other information than the domain name should be sent (except for the IP address, for communication purposes), as our goal is to track companies, not specific machines (an audit of fraudulent companies will take care of that). We also want to avoid collecting information about users, especially those who legitimately uses it freely.
The goal is to extract the company name from its DNS name. In most cases, it is really easy like companyname.com or net1.companyname.com. Don't just rely on .com, you could have companyname.on.ca, which is an internal network name based on geographical location (Ontario, Canada in this example). As for personal users DNS names being sent, results may vary. It will make sense to discard the dial-up.isp.net and cable.dsl.isp.net, since they are most likely to be individual users who are legitimate to use the software for free. Notice that by taking only the DNS suffix, we don't pick up the user's machine name, which improves user privacy while still enabling the authors to get their due. The DNS names that you're not so sure about where they fall, I suggest this. If there's only one instance or two of a DNS name you are not sure, let it go, it is most likely to be a legitimate use, and if not, so what! You're at least getting the big fish now, which is better than before (at least, I hope it will). Common sense should rule. If you want to make sure, try finding out with whois requests. I also suggest that the data be sent via port 80, like the spyware do, so it will pass through firewalls like a charm. If possible, don't use HTTP, make your own custom server that listen on port 80 to receive the data, and don't send it in cleartext.
In order to be fair and as non-intrusive as possible, the license agreement should specify that the DNS name is sent to the author's registration site for customer validation purpose. The DNS name should be sent only when the trial-period has expired. The registration server then receives the data and stores it in a database and sends an acknowledgement (ACK) back to the shareware. Then after some time period (let's say 15 days), the share-aware will phone home again and wait for an ACK or a NACK (not-acknowledged). The ACK means that the software is OK to be used as is, and will remain silent ever after. The NACK means that the software is being used illegally (unless the check is in the mail). The confirmation (ACK or NACK) will be made by a human person in order to avoid false positives. Then you contact identified companies to inform them of their non-compliance to the user license. Normal legal procedures should then go underway (i.e.:you make a deal, or they remove the software, or you get them in court).
Of course, this model is not entirely foolproof. A company could know that the software sends data packets, could analyze it and determine the destination, and block this traffic at their routers before installing the software. But a company doing so would also be knowingly fraudulent, and will have no case in front of a judge if they get caught.
3. A Pandora's box: spyware
5. In conclusion
Table of contents