Re: Copy Protection
- Posted by Derek Parnell <ddparnell at bigpond.com> Nov 20, 2001
- 703 views
Hi, as I see the problem, the aim is to ensure that the customer only uses what they paid for. If this is so, then taking copies of the software is not the problem, it's using those copies in an inapproriate manner that is the problem. For example, I think it is quite okay for a customer to have a copy of the original media as a backup copy, in case the original gets damaged. This is just prudent management of a valuable resource. However, to use the backup copy and the original media at the same time is not acceptable for most software vendors. This is similar to installing software on multiple machines, which allows simultaneous usage of the software licence by many people. The solution seems to reside in the use of a unique physical token that must be present when the software is being used. This is the idea behind the "dongle" devices that plug into the back of your PC and their presence is checked periodically by the software. A similar thing is the "key" diskette used by very early copy-protection schemes. This was a diskette that was specially marked in some way that could be detected by software but not easily duplicated. The diskette had to be present when using the software. The type of marking varied from physical holes, special codes in "system" areas of the diskette, or even tracks that where recorded at the "wrong" densities. The major flaw in these methods, is that the software that was used to detect the presence of the token could be hacked to skip over the checking or always return a success flag. The Rational Software company uses a highly effective copy protection scheme that is a real pain for its customers, but at $10,000+ for each licence we don't bitch too much. What they do is when the software is installed, it generates a special code based on the characteristics of the machine you are installing on. You then have to telephone Rational and speak to a person there who will ask you for the licence key and the installer's generated code. Rational then check their database to see if you haven't exceeeded the number of licences and if you haven't they give you an authorisation code, which you must then enter using their licence administration software. If you need to move the installation to a different machine (or upgrade the hardware on the installed machine), you need to uninstall the software first. When you do this, the uninstall will give you another generated code, also unique to your machine. You then ring up Rational again and tell them the uninstall code, then you can go and install onto another (or same) machine using the process outlined above. The software routines that check your licences are also very heavily protected (via encryption and other weird methods) to make sure you don't get around it. The net effect is that their software can only run on a given machine until Rational allows you to install it on another machine. One tends not to move the software about very much --------- Derek. 21/11/2001 12:30:56 PM, euman at bellsouth.net wrote: > > >> Euman, >> >> Well, that's just it. From everything I've read, this CAN'T be done just >> with software. >> >> >From what I know, programs are available on the internet that allow you >> to copy any disk. It doesn't matter if there are are checksum errors, >> hidden data, etc.--every bit written to the original disk is copied to >> the new, without any regard for what it means. >> >> As I said, I'm no hardware guru. I get the impression that devising a >> new disk format would only the disk from being read by conventional >> movements of the disk drive's read/write head. If so, this might work... >> although you're now saddled with the need for special software to read >> the disk. >> >> Plus, I think committed hackers would be able to unravel the new format >> (not that they couldn't also crack the punched-hole disk problem; no >> solution is TOTALLY foolproof short of a one-time-pad-encrypted disk >> with the key given in person to the appropriate user. And even that only >> stops the data from being read, not from being copied.) >> >> Rod Jackson > >I agree with what your saying here. No method is full-proof. > > We have a product that is only usefull to the particular business that >ordered the product >in the first place. What we want to do is make it hard enough so the company >would >1. either loose money because they spent an enormous amount of time trying >to figure >out how to duplicate the software which would be more than the actual >product update >would cost or, 2. simply give us the cash for the updated product. > >It's a keep ourselves in business sort of scheme that will work because most >of the clients >do not have the means with which to tackle the cracks that would be >involved. > >I am currently reading up on supposed proprietary disk formats from a well >know hackers site >and should by what I see at this point duplicate or render my own format.. > >I thought about marking the floppy disk and the hard disk on the initial >install of our wares >and gather the HD info and transfer this back to the floppy in an encrypted >form using Blow-fish >or some type of scheme but I dont know very much the legal side of >encryption to do this. >Does anyone know if Blow-fish is now legal to use in/or export from the USA? >Maybe a HASH routine would be better because it's not technically an >encryption... > >There are many questions and probabilities to security and there has to be a >combination of these >to make a cracker go insane trying to figure it all out...If there is I >certainly would like to do it... >"make a cracker insane, that is!" hehehe > >Thanks Rod, > >Euman >euman at bellsouth.net > > > >