Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!decvax!harpo!seismo!hao!hplabs!sri-unix!PGW@mit-xx
From: PGW%mit-xx@sri-unix.UUCP
Newsgroups: net.micro
Subject: Software Piracy and Coupons
Message-ID: <13353@sri-arpa.UUCP>
Date: Fri, 4-Nov-83 13:29:00 EST
Article-I.D.: sri-arpa.13353
Posted: Fri Nov 4 13:29:00 1983
Date-Received: Tue, 8-Nov-83 02:32:14 EST
Lines: 35

From: Paul G. Weiss

It seems to me that the following method would break the Shamir scheme:

1) First the pirate must get his hands on a "pirate diskette", which would be a diskette that is filled entirely with "weak" bits. All it would take is one shady character to obtain access to one of these "modified disk drives", for these to be churned out in scores.

2) Then the pirate's program goes through the disk to be copied, sector by sector. By reading the sector several times, he can determine whether weak bits or strong bits are written on that sector. If the sector is strong, he copies it to the corresponding sector on his pirate disk, overwriting the weak bits there. If the sector is weak, he does not copy it, since he already has weak bits in the corresponding sector.

This depends on the assumption that the weak vs. strong areas of the diskette respect sector boundaries. If the protection scheme checks to see that there are both strong and weak bits in a given sector, then the above method would fail, as I don't know how to write less than a sector of data onto a diskette. However, it would seem to me that the task of making sure that specific bits in a sector were weak or strong would be a more complex task than merely recording a sector with many weak bits in it. Comments from hardware types, please?

On another note, I have heard of a protection scheme that works by drilling a small laser hole in a sector of the diskette. The protection works by checking that the data in that sector is bad and that attempts to fix it by overwriting the sector will fail.

Unfortunately, the protection works at the BIOS level on the IBMPC, which means that it can be broken by just replacing the relevant BIOS routines with pirate written routines. However, I believe that there is promise in such an approach. Any comments?

-------
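
The check the post says would defeat whole-sector copying (a sector must contain both strong and weak bits), modelled as an added example that is not part of the original post or of any real product's code. The sector size, the read count, the assumption that a weak bit reads as a random value on each read, and all function names are hypothetical.

```python
import random

SECTOR_BITS = 512   # constructed sector size for the model
READS = 32          # re-reads used to tell weak bits from strong ones

def make_sector(weak_positions, rng):
    """Model a sector: each bit is ('strong', value) or ('weak', None)."""
    weak = set(weak_positions)
    return [("weak", None) if i in weak else ("strong", rng.randint(0, 1))
            for i in range(SECTOR_BITS)]

def read_sector(sector, rng):
    """One read: strong bits return their value, weak bits read randomly (assumed)."""
    return [rng.randint(0, 1) if kind == "weak" else value
            for kind, value in sector]

def weak_mask(sector, rng, reads=READS):
    """Re-read the sector and flag every bit whose value changed between reads."""
    first = read_sector(sector, rng)
    mask = [False] * SECTOR_BITS
    for _ in range(reads - 1):
        for i, bit in enumerate(read_sector(sector, rng)):
            if bit != first[i]:
                mask[i] = True
    return mask

def passes_mixed_check(sector, rng):
    """Pass only if the sector holds BOTH stable and unstable bits."""
    mask = weak_mask(sector, rng)
    return any(mask) and not all(mask)

def demo(seed=1983):
    rng = random.Random(seed)
    original = make_sector(range(128, 192), rng)      # weak run inside a strong sector
    all_strong = make_sector([], rng)                 # what a whole-sector write leaves
    all_weak = make_sector(range(SECTOR_BITS), rng)   # untouched all-weak sector
    return {name: passes_mixed_check(s, rng)
            for name, s in [("original", original),
                            ("all_strong", all_strong),
                            ("all_weak", all_weak)]}

if __name__ == "__main__":
    print(demo())
```

Only the mixed sector passes; a sector that is uniformly strong or uniformly weak, which is all a sector-granularity write can produce in this model, is rejected.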