Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!ames!sgi!vjs@rhyolite.wpd.sgi.com
From: vjs@rhyolite.wpd.sgi.com (Vernon Schryver)
Newsgroups: comp.sys.sgi
Subject: Re: Obtaining a unique, "unchangeable" number associated with an SGI workstation
Message-ID: <48186@sgi.sgi.com>
Date: 12 Jan 90 20:26:59 GMT
References: <9001111538.AA09715@aero4.larc.nasa.gov> <102@tachyon.UUCP>
Sender: vjs@rhyolite.wpd.sgi.com
Organization: Silicon Graphics, Inc., Mountain View, CA
Lines: 37

In article <102@tachyon.UUCP>, sch@tachyon.UUCP (Steven C. Holzworth) writes:
> ...
> I personally feel that most professional programmers can defeat any copy-
>protection scheme devised (including dongles).  Most _professional_ programmers
> won't try.  The idea is to make a scheme that is secure ENOUGH.
>...
> 						Steven C. Holzworth
> 						Vice President.
> 						Stephen Dedalus, Inc.
> 						rti!tachyon!sch

Given one machine that can reliably execute the product under some
repeatable conditions, it is obvious that with enough effort, a second
machine sufficently identical can be constructed.  One might need to use
xrays and chip building hardware or even bribery or extortion at the
factory, but it can be done.

It has seemed to me that the goal is to make it secure enough to be able to
go to court and say "That was no accident.  You stole it on purpose."  It
seems enough to make the cost of stealing it (whether in court or in
engineering time) less that the price of a copy.


Only the first bytes of the sysinfo string are useful anywhere.  There
was talk of forgetting the extra cruft a release or three ago.  It seems
unlikely we can ever actually reduce the size of the structure, since
we prefer to avoid some of the screams caused by incompatibilities.
(Note: I only said "some" :-)

Using the ethernet address for copy protection is crazy for lots of
reasons, including the fact that there are ioctl's for changing the
ethernet address.  (Needed for DECNET.)


Vernon Schryver
Silicon Graphics
vjs@sgi.com