Re: Copy Protection
Hi,
as I see the problem, the aim is to ensure that the customer only uses what they
paid for.
If this is so, then taking copies of the software is not the problem, it's using
those copies in an
inapproriate manner that is the problem.
For example, I think it is quite okay for a customer to have a copy of the
original media as a
backup copy, in case the original gets damaged. This is just prudent management
of a valuable
resource. However, to use the backup copy and the original media at the same
time is not acceptable
for most software vendors. This is similar to installing software on multiple
machines, which allows
simultaneous usage of the software licence by many people.
The solution seems to reside in the use of a unique physical token that must be
present when the
software is being used. This is the idea behind the "dongle" devices that plug
into the back of your
PC and their presence is checked periodically by the software. A similar thing
is the "key" diskette
used by very early copy-protection schemes. This was a diskette that was
specially marked in some
way that could be detected by software but not easily duplicated. The diskette
had to be present
when using the software. The type of marking varied from physical holes, special
codes in "system"
areas of the diskette, or even tracks that where recorded at the "wrong"
densities.
The major flaw in these methods, is that the software that was used to detect
the presence of the
token could be hacked to skip over the checking or always return a success flag.
The Rational Software company uses a highly effective copy protection scheme
that is a real pain for
its customers, but at $10,000+ for each licence we don't bitch too much. What
they do is when the
software is installed, it generates a special code based on the characteristics
of the machine you
are installing on. You then have to telephone Rational and speak to a person
there who will ask you
for the licence key and the installer's generated code. Rational then check
their database to see if
you haven't exceeeded the number of licences and if you haven't they give you an
authorisation code,
which you must then enter using their licence administration software. If you
need to move the
installation to a different machine (or upgrade the hardware on the installed
machine), you need to
uninstall the software first. When you do this, the uninstall will give you
another generated code,
also unique to your machine. You then ring up Rational again and tell them the
uninstall code, then
you can go and install onto another (or same) machine using the process outlined
above. The software
routines that check your licences are also very heavily protected (via
encryption and other weird
methods) to make sure you don't get around it.
The net effect is that their software can only run on a given machine until
Rational allows you to
install it on another machine. One tends not to move the software about very
much 
---------
Derek.
21/11/2001 12:30:56 PM, euman at bellsouth.net wrote:
>
>
>> Euman,
>>
>> Well, that's just it. From everything I've read, this CAN'T be done just
>> with software.
>>
>> >From what I know, programs are available on the internet that allow you
>> to copy any disk. It doesn't matter if there are are checksum errors,
>> hidden data, etc.--every bit written to the original disk is copied to
>> the new, without any regard for what it means.
>>
>> As I said, I'm no hardware guru. I get the impression that devising a
>> new disk format would only the disk from being read by conventional
>> movements of the disk drive's read/write head. If so, this might work...
>> although you're now saddled with the need for special software to read
>> the disk.
>>
>> Plus, I think committed hackers would be able to unravel the new format
>> (not that they couldn't also crack the punched-hole disk problem; no
>> solution is TOTALLY foolproof short of a one-time-pad-encrypted disk
>> with the key given in person to the appropriate user. And even that only
>> stops the data from being read, not from being copied.)
>>
>> Rod Jackson
>
>I agree with what your saying here. No method is full-proof.
>
> We have a product that is only usefull to the particular business that
>ordered the product
>in the first place. What we want to do is make it hard enough so the company
>would
>1. either loose money because they spent an enormous amount of time trying
>to figure
>out how to duplicate the software which would be more than the actual
>product update
>would cost or, 2. simply give us the cash for the updated product.
>
>It's a keep ourselves in business sort of scheme that will work because most
>of the clients
>do not have the means with which to tackle the cracks that would be
>involved.
>
>I am currently reading up on supposed proprietary disk formats from a well
>know hackers site
>and should by what I see at this point duplicate or render my own format..
>
>I thought about marking the floppy disk and the hard disk on the initial
>install of our wares
>and gather the HD info and transfer this back to the floppy in an encrypted
>form using Blow-fish
>or some type of scheme but I dont know very much the legal side of
>encryption to do this.
>Does anyone know if Blow-fish is now legal to use in/or export from the USA?
>Maybe a HASH routine would be better because it's not technically an
>encryption...
>
>There are many questions and probabilities to security and there has to be a
>combination of these
>to make a cracker go insane trying to figure it all out...If there is I
>certainly would like to do it...
>"make a cracker insane, that is!" hehehe
>
>Thanks Rod,
>
>Euman
>euman at bellsouth.net
>
>
>
>
|
Not Categorized, Please Help
|
|
