Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!wuarchive!uunet!ncrlnk!ncr-mpd!Chuck.Phillips
From: Chuck.Phillips@FtCollins.NCR.COM (Chuck.Phillips)
Newsgroups: comp.sys.amiga
Subject: Re: Pirates and swapware
Message-ID:
Date: 6 Jul 90 11:56:52 GMT
References: <23720@snow-white.udel.EDU>
Sender: uucp@ncr-mpd.FtCollins
Organization: NCR Microelectronics, Ft. Collins, CO
Lines: 89
In-reply-to: kosma%human-torch@stc.lockheed.com's message of 5 Jul 90 18:49:45 GMT

>>>>> On 5 Jul 90 18:49:45 GMT, kosma%human-torch@stc.lockheed.com (Monty Kosma) said:

Monty> okay, but how about this: the serial number is now in a PROM somewhere,
Monty> so well, rather than just lug my whole computer around, I just pop the
Monty> chip, and go off to my friend's house, the user group meeting, or
Monty> whatever.  Well, there's at least two bad things about this.  I
Monty> *do* think that really people will do it (pop the chips) ...

So do I.

Monty> ... and this may decrease reliability on the system...

...unless perhaps it is _designed_ to be removable.  Alternately, (or in addition) ID PROMS could be issued in pairs.  (One for backup.)  As far as _system_ reliability, I don't think the _system_ should care whether you have an ID PROM or not.  Only protected software should, IMHO.

Monty> ...and moreover, what's to stop the pirate from either duplicating PROMS

How about if the cost of reverse engineering exceeded $10,000?  See my 5/28 post about PROMS with active circuitry.

Monty> ...or (probably more likely) removing or modifying the part of the
Monty> code on the disk which holds the system serial number or which does
Monty> the actual lookup into the prom.

Better, but this can be made a lot more painful than you think.  I agree something like:

	if (GetNextPromVal()!=MAGIC_NUMBER) Fail();

Is trivial to defeat.  Better would be to use successive values from the active circuit/PROM to initialize many (perhaps 100s) of constants needed for useful execution of the program.
Now there are lots of calls that must be circumvented and the cracker must determine in each case what constant the program expected.  (HINT: Not every constant need be 0 or 1.)

The most effective suggestion I've heard so far (sorry I don't recall your name:-(), is to make a memory image of the running program.  However, if the encryption method is well designed, the resulting program will contain the registered host ID, possibly encrypted.  If the cracker keeps the program to his/herself, they will probably never get caught, but then the revenue loss is contained.  If the cracker distributes the program, then at the very least, the software company has the name and address of someone for the police to contact for questioning.

Monty> The crackers are a pretty sophisticated bunch.  I strongly feel that
Monty> this form of protection isn't any harder for them to crack than current
Monty> protection.  I doubt I'm incorrect on that count, but it's possible--let
Monty> me know.

Harder than:

Look up word -- easily, for obvious reasons.

Disk based -- easily.  Ultimately, you can duplicate the disk at a very low level (e.g. MFM) using special hardware that will work for _any_ disk based protection scheme.  Also note that disk based copy protection often fails to allow execution if there is a significant change in CPU performance.

Dongle -- Actually, an active circuit ID PROM _is_ a dongle.  The major difference is that the ID PROM is mapped to a user, while a dongle is mapped to a package.  Also, the ID PROM's owner is registered with the manufacturer, and unlike most dongles, the ID PROM is _traceable_.

NOTE: ID PROM based protection has been used to guard software packages costing over $100,000 for years.  ID based protection is not perfect, but if implemented correctly, can be very effective.

Monty> Seems that this solution doesn't solve the real problem.

It certainly doesn't solve _every_ problem, but neither do the alternatives.
As a user, my big beef is when productivity software uses disk based protection.  When the honest user needs it most, the disk fails having been ground too many times, and there is no backup.  Also, to the professional user, time is $$ and switching dongles, typing in keywords and reconfiguring dongles costs $$ every time the program is used.  I and others I know, avoid conventionally protected products for that very reason, and disk based products in particular because of reliability.

Again, I don't recommend ID based protection for everything.  I'm only suggesting it be made a _choice_.

	Just my own $0.02,
--
Chuck Phillips  MS440
NCR Microelectronics            Chuck.Phillips%FtCollins.NCR.com
Ft. Collins, CO.  80525         uunet!ncrlnk!ncr-mpd!bach!chuckp
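
Added example, not part of the original post and not code from any product it mentions: a C illustration of the contrast the post draws between a single MAGIC_NUMBER comparison and constants initialized from successive PROM values. The PROM is simulated (prom_next is a hypothetical stand-in for GetNextPromVal), and the device IDs and the use of Adler-32 as the "useful" computation are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Simulated ID PROM (assumption): emits a device-specific sequence via
 * xorshift32. Hypothetical stand-in for the post's GetNextPromVal(). */
typedef struct { uint32_t state; } Prom;

static uint32_t prom_next(Prom *p) {
    p->state ^= p->state << 13;
    p->state ^= p->state >> 17;
    p->state ^= p->state << 5;
    return p->state;
}

enum { N_CONST = 3 };
/* Adler-32 constants: modulus, seed, shift. Vendor side only in practice. */
static const uint32_t PLAIN[N_CONST] = { 65521u, 1u, 16u };

/* Vendor side: mask each constant with the registered PROM's i-th value. */
void vendor_mask(uint32_t prom_id, uint32_t masked[N_CONST]) {
    Prom p = { prom_id };
    for (int i = 0; i < N_CONST; i++) masked[i] = PLAIN[i] ^ prom_next(&p);
}

/* Customer side: there is no comparison and no Fail() branch to patch out.
 * A missing or wrong PROM simply yields wrong constants and a wrong result. */
uint32_t protected_adler32(uint32_t prom_id, const uint32_t masked[N_CONST],
                           const unsigned char *buf, size_t len) {
    Prom p = { prom_id };
    uint32_t k[N_CONST];
    for (int i = 0; i < N_CONST; i++) k[i] = masked[i] ^ prom_next(&p);
    uint32_t mod = k[0] ? k[0] : 1u;   /* guard against modulo by zero */
    uint32_t a = k[1] % mod, b = 0;
    for (size_t i = 0; i < len; i++) {
        a = (a + buf[i]) % mod;
        b = (b + a) % mod;
    }
    return (b << (k[2] & 31u)) | a;
}

int main(void) {
    uint32_t masked[N_CONST];
    const unsigned char *msg = (const unsigned char *)"Wikipedia";
    vendor_mask(0x1234ABCDu, masked);  /* constructed registered PROM ID */
    printf("registered PROM: %08x\n", (unsigned)protected_adler32(0x1234ABCDu, masked, msg, 9));
    printf("other PROM:      %08x\n", (unsigned)protected_adler32(0x0BADF00Du, masked, msg, 9));
    return 0;
}
```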