h a l f b a k e r y"This may be bollocks, but it's lovely bollocks."
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
Many people think copy protection is impossible.
In some ways they are right - it is not possible to stop a sufficiently determined cracker from comprehending and then breaking any code or data-requirement you may have.
Although you can make it very difficult, this is often seen as a challenge.
I've
been thinking about an alternative. Watermarking data is certainly possible, and it is much harder for a cracker to tell if he has removed all the watermarks. However, this doesn't stop propagation of your data.
WIBNI you could make people not want to pass on your intellectual property? Well, I think this idea makes that a possibility, at least for small runs.
This method is suitable for single user licenses only.
Once you have your (fairly large) file, you need to be able to watermark it acceptably. This can easily be done for code, using unused bytes, alternative instruction sequences etc.
Any of these differences can be detected and removed, so you have redundantly encode the watermark, and add a generous helping (say 10 times the information content) of random data. You should also move the internal routines of the program around so that a direct compare of 2 different copies doesn't pop up a list of differences. (This order can also contain information.)
So, what is new? The information you include is all the personal information you have about the customer that they wouldn't want to become public.
Since they've paid you, you at least transiently have their banking details, you have their address or email address, phone number etc. The good thing about this is that the customer can't fake this - if they do then they'll never receive the product.
So, you state clearly on the packaging that this program is licenced to whoever, and contains this personal information. The program when it loads up displays who it is licenced to as usual - which could of course be hacked out. But any hacker would never be sure they'd removed all the watermarking.
Occasionally you release a program which reveals who a program is licenced to, and their banking details etc. in a new way.
Alternatively, you have in the licence conditions a suitably hefty fine for spreading the program, and bill the accounts indicated for any copies which get back to you.
Program hides secret messages in executables (The Register)
http://www.theregis...ntent/55/29449.html Well folks; now it is baked (well, sort of). [Loris, Oct 05 2004, last modified Oct 17 2004]
Please log in.
If you're not logged in,
you can see what this page
looks like, but you will
not be able to add anything.
Annotation:
|
|
Our company uses USB security keys. No key = no work. |
|
|
Quick google search.. USB=Universal Serial Bus.
You are talking about a dongle? |
|
|
Sorry, these are crackable. The cracker can step through the code until he comes accross the check, then modify the code so it always thinks it has a dongle attached. Or any one of several other work-arounds. I'd link to a wonderful article on how Chris Crawford implemented a very clever copy-protection routine but he has removed it. |
|
|
It did require a non-copyable data source, which dongles -nearly- qualify as. But even his techniques were crackable by a sufficiently determined and skilled attack. |
|
|
Also, how much software do you know which distributes with dongles? Not much shareware stuff, I'll wager. |
|
|
Major downside: This would deter owners of legitimate software from slaving off copies of their distribution CD. But what if, for instance, an employee makes illicit copies of his employer's CDs ? Not only does he get the program - he gets all the bank and personal info too. And you can bet he probably isn't going to worry about making further copies for all his friends and family. |
|
|
Well meant idea + ill-considered consequences = neutral vote. |
|
|
This is a good point 8th of 7 - although I wasn't proposing this as suitable for business products. I was really thinking of small shareware products like games and utilities licenced to a single user. I suppose it could work for a business - provided each employee paid for their own copy. (I'll change the idea description to make this clearer.) |
|
|
However, this doesn't address the possibility of someone stealing the program or computer in order to get the banking details. I think it is fixable - sort of.
What you need is a program which strongly encrypts 'image files' (I don't know what they're called on a PC - basically a large file which a program transparently manages as a directory). The customer supplies a passphrase which allows the decryption of the program(s) of interest. It is then up to the user to maintain their licenced code in a secure manner. |
|
|
Aside from the privacy implications, this method is almost worthless because it depends on stopping the legitimate owner distributing copies, not on stopping other users using illegal copies, in a situation where any illicit copy can be easily and freely traded. You would only need one stolen copy published on a warez site to render the whole copy protection system redundant. |
|
|
Yeh, this is true (re: 1 copy). But then, its true of all copy-protection as well, isn't it - only one copy needs to be cracked. |
|
|
Oh, I don't really see any privacy implications. You don't keep any record of the user other than what you normally would. And my improvement in the annotation above yours (strongly encrypted using customer-supplied code) should prevent stealing. |
|
|
Don't you think it would stop casual sharing by all but the terminally stupid? I just thought it was an interesting way to change how people felt about software theft. Wouldn't you be much more protective of any program which did this? However, the more I try to discuss it, the worse people think it is (judging by the fish) so I might as well give up. |
|
|
Oh, I've just understood 8thof7s point about not being able to make a production run of identical CDs. |
|
|
This is certainly true and a weakness - I touched on that obliquely in the description. It really is only usable by people who run off an extra copy every time they get a cheque through the post. |
|
|
Many software packages each year get registered to: |
|
|
Heywood Jablowme
123 Right Here St.
Hell, NY 11234 |
|
|
I think Heywood probably doesn't care if software with his identity in it gets passed around. |
|
|
Locks are for honest people, and do little to deter a determined criminal. |
|
| |