I work with the producer of this software in a close enough capacity that I would know otherwise.
There is somebody right now doing expensive battle in court, currently headed toward a loss. The data is factored, and matched against the user-base, which is known, and under signed contract. Quite simply, a false positive is damn near impossible, because the data exists to know who is authorized and who isn't. Every single seat is known globally. Not hard to sort out the false positives, and if it's a marginal case, I'll bet they don't bother because there are plenty of solid ones.
There is a slip of paper shipped with each box, and that is presented in binary form with original distributions of the software informing people of the system, and the basics of how it works. Authorized use sends NO data. It's authorized use. Wouldn't want the people who paid and are using things properly dealt a bad hand, now would we?
It's really a nice piece of work. If you are authorized, you've read and signed a real contract, not some EULA, so the terms are clear, limiting the kinds of legal you mention. Having done that, your software won't be sending anything as it's operating on a known license authorization. Those are actually quite difficult to get wrong and have the software function. Somebody has to modify the software to execute a unauthorized use, and that's the trigger right there. And since there is no signed contract in place, there can be no expectation of fit, form and function can there? See how that works? Brilliant, if you ask me.
And this isn't DRM. The subtle bit here is simply detecting and communicating unauthorized use. The user will experience no difference in functionality, the cracks out there will still work, etc... Nothing prevents the unauthorized use. Said use is simply communicated with enough data to make the case cut 'n dried.
Been through a few of these now, and it's quite potent.
Oh, and as for your threats of dumping the software? This stuff costs some significant money. Nobody using it would even think twice about the authors dealing with piracy. Nobody cares, because they being the users who are authorized and such, have exactly zero worries. Again, no data is communicated. Non issue.
So far, the few who have had serious firewall setups, and who are pissed about it, appear to not have serious enough firewall setups, which is why they are pissed, with most of their effort fixated on how the data got out in the first place, and not on the unauthorized use part of things.
The way I see it, if you go and grab some binary, particularly a complex and expensive one, crack it, or get a crack from somebody, you pretty much are asking for it, right? I know I would be, and frankly, have never let anything out on the net like that, early adopter of VM technology for a lot of reasons, that being one of them, as this kind of thing has been out there now for a number of years. Data gets tagged too, just so you know, but only when it's unauthorized data, generated on a unauthorized use session. When that data gets communicated, well you get the idea.
All that said, there are still outs. Just keep it a learning experience, off the net for good, data isolated, maybe moved into neutral formats when desired, and the piracy can happen as it always has, leaving the door open for people who learn that way to do so. Hell, I did in the early 80's, and a lot of people I know did. Still can happen.
But, what isn't going to be practical is business use for profit under that scheme.
Your rant is a lot like the guy with the "secure" system, finding out it isn't, caught with pants down, running software unauthorized, more than it does anything else, because again, the authorized users are known, all of them, accounted for, under contract, with no worries at all, actually experiencing a easier get up and running experience than the pirates and their cracks and keygens are.