Path: utzoo!mnetor!uunet!husc6!bbn!uwmcsd1!ig!jade!saturn!ucscb.UCSC.EDU!lupin3 From: lupin3@ucscb.UCSC.EDU.ucsc.edu (-=/ Larry Hastings /=-) Newsgroups: comp.sys.amiga Subject: (could it be?) The Last Word on "personal dongles" Message-ID: <1590@saturn.ucsc.edu> Date: 13 Jan 88 12:48:15 GMT Sender: usenet@saturn.ucsc.edu Reply-To: lupin3@ucscb.UCSC.EDU (-=/ Larry Hastings /=-) Organization: Uncle Charlie's Summer Camp (UC Santa Cruz) Lines: 192 Keywords: "personal" dongles should go to "personal" mail!?! Summary: naah, probably not, but can't blame me for not trying +In article <3134@cbmvax.UUCP>, daveh@cbmvax.UUCP (Dave Haynie) wrote:-- | |in article <8801090958.AA20842@ucscb.UCSC.EDU>, lupin3@UCSCB.UCSC.EDU (-=/ Larry Hastings /=-) says: |> Keywords: "personal" dongle | [lines deleted concerning why it won't work in its current stage of development] | |I do like this dongle-key idea better than what you normally see these days in |terms of program-specific dongles, or locked-in CP codes like you find on |some Workstations, in that it doesn't prevent me running several locked |programs at once, or transporting locked programs between work and home as |long as my dongle follows. The problem is that, being a standarized CP |method, there's more insentive for a Cracker to crack it than if it were an |individualized system. |I don't expect that any CP scheme will work given sufficient insentive to |crack it. |-- |Dave Haynie "The B2000 Guy" Commodore-Amiga "The Crew That Never Rests" | {ihnp4|uunet|rutgers}!cbmvax!daveh PLINK: D-DAVE H BIX: hazy || "I can't relax, 'cause I'm a Boinger!" +----------- That was the bulk of my idea; to try and come up with a workable solution to the concurrent problems of a) software "protection" getting in the way of using the software (dongles, programs that refuse to work with any other tasks, programs that are so protected as to be paranoid) b) software "piracy" (I think we all know what that is now). And, AmAZINGLY enough, as stated, my solution didn't work. This doesn't bother me; I expected the initial proposal to get a lot of flak, as initial proposals tend to be rough (like sandpaper). But thanks for at least the vote of confidence (in the idea department)... I agree, about any CP scheme can be broken, if one has the resources. Perhaps, however, we need to come up with a CP scheme that goes _beyond_ the resources of any pirate (or group) to break. However, this is not even the beginning of the problems... In article <4782@videovax.Tek.COM>, stever@videovax.Tek.COM (Steven E. Rice, P.E.) wrote: |Summary: Not in this world, you can't!! |Keywords: bongle dongle gongle hongle jongle kongle pongle songle wongle |In article <8801110635.AA03499@ucscb.UCSC.EDU>, Larry Hastings |(lupin3%ucscb.UCSC.EDU@ucscc.UCSC.EDU) responded to my article |<4779@videovax.Tek.COM>, which was in reply to his previous article, |<8801090958.AA20842@ucscb.UCSC.EDU>. Larry had suggested hardware support |for copy protection which would be, in his words, "buried DEEP within the |OS." I demurred, suggesting that: | |>> If you lose the dongle, you are up an odoriferous estuary without a means |>> of propulsion. . . . | |Larry replied: | |> You deleted then next phrase... it ~= said "First, every computer would be |> shipped with a 'personal dongle' (or probably two, just to be safe)". If |> you lost one, you use your backup, and send off to the company for another |> one (costing you $5 or something to get a new one made up). If you lose |> BOTH of them, then you lose out for a little while, but you're probably the |> kind of person who loses 3 car keys a week, and should order your dongles |> in batches of 20. | |I deleted the "next phrase" to keep the length down. But I know the type |of person you are talking about! (I am married to one...) | [lists stories concerning zany wife and humorous antics of 4-year-old child] | |The point is that you are asking people to trust the usefulness of their |computer to a bit of metal and plastic. If you lose a disk, you have lost |the use of that program. If you lose the dongle, you have lost the use |of *all* your programs! | +------------------ VERY TRUE. Using the "personal dongle" is akin to putting all your eggs in to one basket. However, in another mail correspondence I came up with the idea of being able to procure new dongles at your local computer dealer... all they'd need is a blank dongle, your machine's serial number, some form of reassurance that you're on the up-and-up for getting a dongle, and a mysterious black (or, in this day and age, "platinum") box that sits in the back room, plugged in to some sort of computer, which is licensed to the site from the computer company, and to which the penalties assigned for misuse are staggering. +--More from the same article------ | |I also pointed out that: | |>> 2. A fundamental rule of computer security is that before the programs |>> that run on a computer can be secure, the computer must be physically |>> secure. | |Larry responded: | |> I was thinking about this (because of mail I got on the subject) and |> decided that the security checker should also be the entire I/O chip, with |> either the ROM for security checking built on to the chip or attached to it |> somewheres; and that the whole assembly should be surrounded in epoxy and |> plugged in to the mother board. | |I'm sorry, but that is hardly consistent with the world we live in! If I |can get at the internals of the machine *at all*, I can determine what is |going on and fudge a way around it! If nothing else, I can insert a bit |of hardware in the path to the dongle port that causes an exception when |an access attempt is made. I can then handle the exception and drop into |a debugger, with a very good idea of what the program expects to do with |the dongle data. | |Or, I can hook up a logic analyzer to the bus [Tektronix makes them, if |you're in the market 8^) ] and analyze the instruction stream associated |with various port accesses. Once I have built up a picture of what is |going on, I can build substitute hardware and software that couldn't give |a fig about whether I dongle or don't. . . | |Larry also didn't like my suggestion that: ^^^ On the contrary; that is a judgement call on YOUR part. I am open to any problems you can point out in this proposal. Please, fire away! | |>> If you didn't want to modify your operating system, you could FileZap |>> the disk to its "pristine" state. You might even do this on another |>> kind of machine, which doesn't normally use the same kind of file |>> system, but can be programmed to read and write foreign formats. And, |>> once you had it "pristine" again, you might decide to make a backup |>> copy or two or ten. . . | |> But, first of all, you shouldn't be able to putz around with the state |> of the security on the disk ("FileZapping it to the pristene state" would |> be hands off). Seeing as how all the file I/O goes through the I/O chip, |> perhaps it would not let you READ the security section of the disk. *> Anyways, all I can offer for the second suggestion is... if it's a secure *> disk for this _future_ machine, then the manufacturer wouldn't want you *> reading it on foreign machies, and could play hell with the format. If *> you didn't _know_ the format of storage on a secure disk, you couldn't *> read it... | |Be highly suspicious when your arguments contain words like "shouldn't"! |This usually indicates that you are attempting to evade reality. . . | |Because a disk is a magnetic entity, and we have spent the last 40 or so |years perfecting means of writing to them, I certainly can "putz around |with the state of the security on the disk"! Further, the suggestion >Larry ignored (that one "might even do this on another kind of machine, >which doesn't normally use the same kind of file system, but can be >programmed to read and write foreign formats") is an easy way around this ^^^^^^^^^^^^^^^ This was the "second suggestion" I spoke of above. (the lines marked with *>'s) Let's not be ingracious; I am not presuming to say that this is a GREAT idea; I'm saying it is an _idea_, and asking your opinions. Steve then goes on to tell a story of the future to come... a future where the "personal dongle" was king (used in computers by the Security Council, and Coca-Cola; and there were "dongle factories, dongle warehouses, and government registration offices"... Why, Steve! I _am_ touched; my little idea pervading society? You give me too much credit!) but, because of a combination of broken dongles, dongle viruses, bent pins, and civil unrest; the entire socio-economic system of the United States (or was it a world government) collapses, leading us all into The Fall Of Civilization. | Steve Rice |new: stever@videovax.tv.Tek.com |old: {decvax | hplabs | ihnp4 | uw-beaver}!tektronix!videovax!stever I believe his basic point was that (in its current form of development) the "personal dongle" wouldn't make it (amazing that it so pervaded society as to be integral before these Achilles heels were found...). In any case, he is quite correct. There are different possibilities I can propose at this time; for instance, as above, the disk format of "secured" disks would be unknown (and not the same file format as normal, "unsecure" disks). It could, in fact, be so wildly different as to be unreadable unless you KNEW its format (with variable speed reads DURING a track, or spiraling through a section of a disk... I am no disk drive expert). Also, the data on the disk could be incrypted with a 256-byte long string, known only to the computer company and the epoxy-encased chip. Also (as I pointed out before) the dongle would be connected to the computer through a 9-pin female plug (the female on the dongle end), and I would think it would be encased in plastic or epoxy. This (so I would think) would solve the "bent dongle" problem; I've never seen an Atari joystick that wouldn't connect because of a bent connection (and I've seen quite a few). However, I can dream up no real solution to his point about the logic analyzer. If this is indeed an option (I have no idea; I'm a software person, I just program the black boxes, see?) then I would have to say that nothing is safe. So.... what to do? Well, probably the first thing to do is to get this off the net! I think we've sufficiently wasted enough bandwidth (I never meant to inspire stories and all!) that we can retire to using private email; please, all of you who have any interest, please send me a note (with whatever critisisms or actual constructive suggestions!) to the addresses found in my .signature . Also, we need to develop this idea a great deal further before it can approach workability (something I never claimed it had, merely something I _hoped_ it had). As stated before, we need to develop a system that is not unbreakable, merely so all-encompassing as to be beyond the resources of any pirates to crack. Help me out! Or would you like our future to be spotted with software piracy, as it is now; or even have our entire society felled by one faulty dongle? I thought not! Thank you all for your time and replies, and I hope to hear from you soon!