Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uwm.edu!spool2.mu.edu!uunet!ncrlnk!ncr-mpd!Chuck.Phillips From: Chuck.Phillips@FtCollins.NCR.COM (Chuck.Phillips) Newsgroups: comp.unix.admin Subject: Re: Preventing date rollback Message-ID: Date: 7 Jan 91 11:44:51 GMT References: <292@bria.AIX> <1976@necisa.ho.necisa.oz.au> Sender: uucp@ncr-mpd.FtCollins.NCR.COM Distribution: comp Organization: NCR Microelectronics, Ft. Collins, CO Lines: 32 In-reply-to: boyd@necisa.ho.necisa.oz.au's message of 3 Jan 91 00:00:10 GMT You can't, period -- at least not without hardware support. No matter what you stat or how you may encrypt whatever information you may wish to encode about the file system, it can be circumvented. All the user has to do is make a full backup of the system after the software is installed and working. Then, at any time in the future, the user can reset the system clock and restore the entire file system to the state is was at the time of the backup. However, in commercial environments, doing this is often more expensive in lost productivity than the software costs. If someone is really determined to crack your software, they can always disassemble your application and modify your protection scheme -- even if you use a &%$# kernal patch to obscure your protection scheme. (There are other, more subtle ways of hiding your protection scheme. ;^) Like locking your house or your car, all you can do is make the job more trouble than it's worth. That said, if the computer manufacturer were to add a non-resettable piece of mechanical hardware measuring the elapsed uptime of the computer and provide a system call for accessing the elapsed time, then at least your software could check for consistancy. (i.e. If the elapsed uptime is more than the elapsed clock time encrypted at the time of installation, then something funny is going on.) As a side benefit, the elapsed uptime information could be useful for admin folks and hardware maintainers. #include Cheers, -- Chuck Phillips MS440 NCR Microelectronics chuck.phillips%ftcollins.ncr.com 2001 Danfield Ct. Ft. Collins, CO. 80525 ...uunet!ncrlnk!ncr-mpd!bach!chuckp