I participated in an interesting thread on the Forensic Focus forum regarding software licensing recently.
There were good points made in response, such as suggestions to use open source tools and that the answer to the question is an unquestionable “NO”.
Countering the good suggestions were some terrible replies. Like, it’s okay to use cracked versions of software and that playing around with hacked versions of commercial tools as long as you don’t make money from it. And don’t forget the cover all excuse of ‘ everyone does it’ . Holy smokes!
Here’s my take: Abide by the EULA .
That’s it. Generally, there is a software licensing agreement for all software. Some is written explicitly and specifically by the developer (name your commercial tool as any example), and other software may be uploaded to repositories using one standard licensing agreement to cover everyone’s uploaded software.
In my experience, here is how I see EULAs related to digital forensic working: You may or may not be able to copy, modify, distribute, sell, use for profit, and/or share. Know what you can do with each tool that you use. If you violate one or more permissions, your professional credibility may be damaged and the results of an examination may be inadmissible.
In particular, I have seen some freeware EULAs specifically state no commercial use of the software. One personal example, an opposing ‘expert’ in a case that I was hired to testify had used freeware in his analysis and by chance, I knew the software he used prohibited commercial use. Of course, that was brought up in court. I would not imagine him doing the same thing ever again after that day.
EULAs cover a lot of ground in a lot of small print. Using common sense, you’ll probably never violate a EULA. Cracking the software is not common sense. Trying to break it is not common sense. When in doubt, read the EULA.
For those in the DFIR community, I urge you to not even lightheartedly suggest that using cracked or pirated software is fine, regardless of the circumstance, so as not to negatively impact those working to get into the field.
As for me, no one will ever be able to say, “Brett Shavers said it was okay to use cracked forensic software, and said that everyone else does it, so I did it too”. Never will happen . Ever. You should be in the same boat.
PS: Notice I didn’t get into any of the ‘moral’ reasons to pirate or crack software, because there are none. And besides, the ‘legal’ aspect outweighs any ‘moral’ belief every time in court. I also focused only on one aspect of EULAs, in that of pirating or cracking software is generally not permitted by a EULA with nearly all proprietary code.