Path: utzoo!utgpu!water!watmath!clyde!rutgers!mit-eddie!uw-beaver!tektronix!tekcrl!tekfdi!videovax!stever From: stever@videovax.Tek.COM (Steven E. Rice, P.E.) Newsgroups: comp.sys.amiga Subject: Re: Software Protection with dongles. Summary: 'Tain't likely. . . Keywords: bongle dungle, er, dingle scrongle, er, dongle bungle, yeah!!! Message-ID: <4796@videovax.Tek.COM> Date: 20 Jan 88 23:22:29 GMT References: <2333@crash.cts.com> Reply-To: stever@videovax.Tek.COM (Steven E. Rice, P.E.) Organization: Tektronix Television Systems, Beaverton, Oregon Lines: 57 In article <2333@crash.cts.com>, Wade Bickel (haitex@pnet01.cts.com) (re-) proposed a dongle scheme that would incorporate an LSI chip to perform the dongling functions: [lots deleted, to keep this fairly short. . .] > Rather than checking something, I was thinking it would use > the hardware. Perhaps the dongle would be required to decode > instructions, or return needed functional results, or ??? > A number of games could be played with the read/write status > of the pins, or sequencing of input/output, etc... Essentially, the dongle becomes an ancillary processor (or coprocessor). At this point, you are caught upon the horns of a dilemma: 1. You can make this part separate from the CPU. This allows you to use (continue using) a standard microprocessor. The disadvantage is that all communication with the chip is in the clear. It becomes relatively easy to determine what the part does and emulate its function in software, or just eliminate all need for it (by patching the original program). 2. You can wrap an encryption/decryption unit up with the CPU. This allows you to perform a number of tricks in hardware, but at the expense of using non-standard (i.e., low usage and high cost) hardware. Note, too, that random address line swapping is out on a multitasking machine -- the memory you might want to switch things to may very well be in use by another program. There is also the problem of keeping the development environment from becoming a copy-protection-cracking environment. After all, if you expect to develop and debug a program on such a machine, you have to have the tools to allow you to do execution traces, stack dumps, memory content examination, and so forth. What's to prevent a pirate from using these same tools to peel off the encoding? Either way, you lose. . . Responding to a comment about users wanting to move their software from one machine to another, Wade wrote: > With a dongle, you could switch machines. But only if all machines have the same dongle interface. Right now, dongles dangle from the RS-232C port because the RS-232C port is a standard feature. You would have to get a significant fraction of the manufacturers to agree to implement the dongle bungle the same way before it would do you any good. No software house in its right mind is going to release a product that won't run on the majority of the installed base! Steve Rice ----------------------------------------------------------------------------- * Every knee shall bow, and every tongue confess that Jesus Christ is Lord! * new: stever@videovax.tv.Tek.com old: {decvax | hplabs | ihnp4 | uw-beaver}!tektronix!videovax!stever