[geeks] generating unique systemids
Lionel Peterson
lionel4287 at verizon.net
Tue Aug 28 09:53:45 CDT 2007
>From: Doug McLaren <dougmc at frenzied.us>
>Date: 2007/08/28 Tue AM 09:09:40 CDT
>To: The Geeks List <geeks at sunhelp.org>
>Subject: Re: [geeks] generating unique systemids
>On Mon, Aug 27, 2007 at 07:53:44PM -0500, Lionel Peterson wrote:
>
>| Does it need to be the primary MAC ID? Why not just check for the
>| licensed MAC ID, thenif there is a disaster, they can migrate the
>| nic and have an active license.
>
>No, that's reasonable, but then you could just take a random ethernet
>card, change it's mac address, then put it into your computer and not
>even hook it up to anything. Every computer on your network could
>have a card with this address.
A simple mechanisim to poll all "visible" systems running the same software might prevent such a work-around (Mac Office does this (it will detect another computer running Office with the same license on the local network and complain/terminate)...
I assumed the goal was to eliminate *most* hacking, not to make it impossible to crack.
<snip>
>None of this stuff is hard to defeat at all -- there's a dozen or so
>ways of doing it, from manually changing the MAC address (or whatever)
>to overriding/changing the system/library call that looks up whatever
>you use as a system ID. (Almost trivial with an open source OS, and
>not that hard with closed OS's.)
Agreed - nothing is perfect, you just need to determine how important it is to protect your software, and weigh that against the cost/effort involved in the various schemes.
>And no matter how easy it is to overcome, your legitimate customers
>won't bother, and will need new license keys whenever something
>changes. Or when they lose them. And often they'll need them at 3AM
>on Saturday morning because there was a disaster, or because they
>scheduled an upgrade and didn't realize this would be a problem.
>Perhaps they could defeat the protection themselves, but they paid for
>this software, dammit, and they shouldn't have to ...
>
>And if you do use primary MAC address, what if your system doesn't
>actually have a network type with a MAC address or the equivilent?
Many other devices have unique IDs - I mentioned USB keys before. Lime Technology uses the GUID on some USB keys to protect their software: http://www.lime-technology.com/wordpress/?page_id=20 Migrating their software would be a simple matter of moving the "blessed" USB flash drive.
>You should not have to add an unused ethernet card to a system just to
>make some software license happy.
Agreed, but if the system *has* a network card... Of course, VMWare "appliances" raise an intersting issue (you can set the MAC ID quite easily)...
>Ultimately, my point is that this might not be a great idea. It won't
>stop those who want to crack it, and will create extra work for you
>supporting your paying customers. I'm quite familiar with this, as I
>work in customer service at Vignette, and some of our products are
>licensed this way -- and it causes a lot of headaches, and I don't
>think it provides much benefit.
I worked at a small software house (UniPress) a lifetime ago, and they had "call in" license activation, it was a nightmare, but fortunately, there were few "emergency" calls for the applications they sold/supported (mainly utilities, editors, and X Windows software for PCs).
Lionel
More information about the geeks
mailing list