Path: utzoo!mnetor!uunet!husc6!cmcl2!rutgers!sdcsvax!ucsdhub!jack!crash!pnet01!haitex From: haitex@pnet01.cts.com (Wade Bickel) Newsgroups: comp.sys.amiga Subject: Software Protection with dongles. Message-ID: <2333@crash.cts.com> Date: 11 Jan 88 15:16:17 GMT Sender: news@crash.cts.com Organization: People-Net [pnet01], El Cajon CA Lines: 118 Since it has been a while since I posted this and I've received no comments from anyone specifically explaining why this won't work, I'm going to post it again. Since there was a recent influx of double postings (about 200?) right after I posted it, I figure it may have slipped through. Please note that when I talk about the program acting kind of like a virus, I do not mean that it would either propogate itself, or that it would damage general data of files. Rather it would subtly damage it's own data, so that a broken program would still be a risk to use (since at any time a missed section of the protection scheme could invalidate your data). Also note that this would be an LSI chip which would lie on the buss (a number of alternative configs are possible) and that it would be a piggy-back arrangement, so only one (say 70 pin) port would be needed. ========================================================== >In article <3072@cbmvax.UUCP> grr@cbmvax.UUCP (George Robbins) writes: >>[part of one of my postings] >> Why has't some provision to protect software been included in >> the hardware? Does C= think protectable software would hurt the >> Amiga in some way? > >Ok, you're on... > >What precisely is it that we should be doing in the hardware? > I was thinking of factory dongles. A slot on the front of the machine into which dongles could be inserted, preferably stacked upon one another, up to some limit (say 8). Then C= (or whoever) would provide "factory dongles" to the software publisher. Because of the volume the manufacturer could do this at a lower price than anyone else. >Remember: > >1) The software has to somehow interact with the hardware "protection" > and the crackers can bypass that check as easily as any other. Rather than checking something, I was thinking it would use the hardware. Perhaps the dongle would be required to decode instructions, or return needed functional results, or ??? A number of games could be played with the read/write status of the pins, or sequencing of input/output, etc... >2) The hardware serialization scheme has drawbacks in that either it's > too easy to change the serial, or too hard wherein you get scewed if > you change machines. I'm not terribly in favor of serialization, but it would still be nice if it were there for the publisher to use if they wished. Not having it leaves no option but not to incorporate it. >3) The consumer software licences are generally oriented towards a user > and his machine, not some specific machine. With a dongle, you could switch machines. >4) Most software vendors/distributors aren't willing to undergo the expense > of diskette serialization/encryption or any scheme whereby the consumer > must call in with the serial number and receive a key. If serialization were provided, publisers/vendors/distrubutors would not be required to utilize it. Likewise, if a factory dongle solution were used, it would constitute an option, not a requirment. >5) No matter how detailed and devious the protection, the benefit lasts > only until a cracked, unprotected version starts doing the rounds. Yes, but if it is expensive or extremely time consuming to crack a program, it is less likely to be done. With a dongle the number of people who would attempt cracking the protection would be limited to those with specialized equiptment. Since there is not a lot of profit potential in this it would not be so likely to happen. Furthermore, if done correctly, a program could notice if it were operating without it's dongle and subtly torpedo the pirate. Perhaps waiting until a choice moment to strike, kind of like a virus. In this way, a pirated dongle-protected program would be a risk to use for anything serious. Confidence in the cracker would be required, and since most people wouldn't know who did the cracking... >Please, there are no simple solutions to the copy protection/piracy issues >or you could be sure that IBM would have implemented them on the PS/2 series. >There is an underlying social problem in that significant percentage of >computer users do not respect the software provider's view of value and >intellectual property. Unless you can provide some adjustment of this >situation you are stuck with various accommodations and stategems. I did not mean to imply that it was a simple problem. But I am sure that relying on peoples' "honesty" will not work. I have a friend at C= (they call him "Mr. Commodore") who was talking of offering rewards for info leading to the conviction of "Pirate BBS's". This also seems like a partial solution. Have you heard anything about this? Thanks, Wade. UUCP: {cbosgd, hplabs!hp-sdd, sdcsvax, nosc}!crash!pnet01!haitex ARPA: crash!pnet01!haitex@nosc.mil INET: haitex@pnet01.CTS.COM