Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/17/84; site aluxe.UUCP Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxt!rduxb!aluxe!wrbull From: wrbull@aluxe.UUCP (bullman) Newsgroups: net.micro.pc Subject: Re: software protection - dongles Message-ID: <792@aluxe.UUCP> Date: Mon, 5-Aug-85 20:02:31 EDT Article-I.D.: aluxe.792 Posted: Mon Aug 5 20:02:31 1985 Date-Received: Tue, 6-Aug-85 12:41:48 EDT References: <566@alberta.UUCP> <10800011@uiucdcsp> Organization: AT&T Bell Laboratories, Allentown, PA Lines: 56 > > If you're going to put part of the code in the dongle, why not put ALL of it > > in the dongle? I mean, cartridge software is reliable and fast to load, and > > with todays PROMs you can get quite a lot of code in one. Of course you can't > > call it a cartridge, because then people will think "GAME MACHINE". How about > > "THEREWARE", because it's always their waiting for you? > > > > But then you'ld have to worry about all the hackers with PROM burners. > > Two comments: > > 1. A key with 1K ROM is a lot cheaper than a key with 300K ROM. > One major goal is to keep key cost at $5-7. > > 2. The code is executed IN THE KEY. This is not the same as the > PC executing ROM code from a key. The 'software lock' passes > a subroutine ID and paramater block to the key, and the key > fiddles with it and passes a paramater block back. Just > to make it more fun, some paramaters could be dummy, and > a state machine could cause the mapping of routine-id to > actual routines vary. VERY hard to figure out and patch. > > PS: While someone @ a large lab could take apart a key and scan > it in an attempt to pirate, this is avoidable using a coating > developed for UK MoD, which is supposed to make ICs non-scanable. > > -- > Opinions expressed are public domain, and do not belong to Lotus > Development Corp. > ---------------------------------------------------------------- > > Simcha-Yitzchak Lerner > > {genrad|ihnp4|ima}!wjh12!talcott!sesame!slerner > {cbosgd|harvard}!talcott!sesame!slerner > slerner%sesame@harvard.ARPA I'm sorry but anybody with a $100 logic analyzer could scarff up anything and everything written to and read from the dongle. You don't have to duplicate the dongle, you just have to mimic it. I can see it now, you bring in your dongle to your local Kmart and get a duplicate made, the same way house and car keys are duplicated. Or will the lockmakers make you buy a new house or car every time you lock your keys inside or at least but the replacements from them?? The CD ROM is still a possible solution(not now, but soon). The ultimate solution is to have the software price cheap enough to make it not worth the trouble. Borland has the right idea. I don't want to see programming sweatshops anymore than the next person because I program for a living. William R. Bullman AT&T Bell Laboratories Allentown, PA ...!aluxe!wrbull /* Usual Disclaimer */