Posted by Thomas Phinney
In my last post, I talked about how the law protects fonts: via copyright, patent and trademark. This time, I’m going to discuss technical means of protecting fonts, including (but not limited to) copy protection. I’m not going to get into font embedding this time – that will be a subject for a future post.
WHY do font vendors want copy protection?
As mentioned last time, fonts are easy to pirate because they’re small. Additionally, many people don’t think of fonts as software or being valuable, so they pirate them without even thinking about it – it seems that plenty of people who wouldn’t make an illegal copy of a word processor will pirate fonts. As a result, fonts seem to have a very high piracy rate compared to other productivity or publishing software. (Sadly, no reliable statistics exist on this question that I know of. All I can say is that the belief is widespread, as seen for example in this article on font piracy.)
And, as discussed a bit in my posting on font quality, it’s a lot of work to make a font. Most folks who go to the trouble of making high quality fonts want to sell licenses for them. The strong majority of the folks making fonts are not making a super-comfy living at it. So the desire to do whatever is necessary to stop piracy is strong in some circles.
Effects of copy protection on end users
BRIEF HISTORY of font copy protection
Adobe has a long history in this area. Back in the mid-1980s, with the Type 1 format and the Mac OS, we originally undertook two means of protection. First, we encrypted the outline portions (charstrings) within the font. This was more a matter of protecting the font format than the font itself – it didn’t stop people from copying a font, but it did mean that third parties couldn’t easily make new fonts in Type 1. But we also used a copy-protection scheme. The font would come on a copy-protected floppy disk, and you could only install the font if the disk was opened for writing, in which case the font would be downloaded to the printer (this is how fonts were installed back then, the computer only had a low-res bitmap) and some secret data would be written to the disk indicating that the font had been installed, so you couldn’t do it again. So you could install a font to one printer, and use multiple computers with that printer. It was possible to hack this method, but it kept most users “honest.”
Around 1989 Adobe abandoned copy protection for Type 1 fonts, and soon thereafter also published the encryption spec for the outlines as well.
Our next go at copy protected fonts was used in conjunction with the CID-keyed flavor of Type 1 fonts, for the East Asian market. This was done in the late 90s. Like our previous approach, we used floppy disk keys, this time in conjunction with an encryption and hardware-tying technology from PACE Anti-piracy Software.
We even considered using some form of encryption to protect our East Asian OpenType fonts, but we ended up instead doing a careful cost/benefit analysis of font copy protection, and deciding it really wasn’t worth it.
METHODS of font copy protection
The earliest copy protection method for software relied on physically writing the data on the disk in odd ways, rendering it impossible to use standard disk copy routines to duplicate the disk. This approach has continued, with CDs using the same general ideas invented for floppy disks. However, it is not practical as the sole copy prevention method for fonts, because fonts have to be installed in the operating system, and requiring use of the CD or floppy drive for as long as the user has the font in use would be troublesome (what do you mean, you want to use two fonts at once? Forget it…).
Another approach for software relied on using a question-and-answer from the software manual. But this had a number of limitations, including the advance of technology – it’s now easy to duplicate a manual and distribute it as text or PDF. For fonts in particular, this was never a good solution becaus most fonts don’t have unique manuals. Also, these days a manual is likely to be in digital form anyway, and subject to change over time.
The “dongle” remains a common approach to copy protection. This is essentially a little plug that goes into some port of the computer (formerly the serial or ADB port, these days usually a USB port), and acts as a hardware key with a unique internal serial number.