Penetration Testing mailing list archives

Re: How secure are dongles for copy-protection?

From: <shampster () mail 3xT org>
Date: Mon, 4 Jun 2001 23:02:56 -0700 (PDT)


On Mon, 4 Jun 2001, Harold Thimm wrote:

I'm looking for any information on incorporating dongles into a software
package for copy protection. In particular, I'm looking for information
on the Rainbow Technologies Sentinel, but advice on dongle-based copy
protection in general is appreciated.

How easy/difficult is it to break this kind of copy-protection? Are there
any known weaknesses in the dongle-type systems themselves (as opposed to
implementation weaknesses?)


Dongle protected applications are (at least were) always fairly easy
targets.  One can typically just set breakpoints on
serial/parallel IO events and follow the code back to the
application/dongle API level.  At that point it doesn't matter that your
protection scheme has a 'hardware' element to it.

If you are planning on just using a 'IsDongleHere()' -- you typically
only need to change one byte to turn a conditional jump into an
unconditional one to break the protection.  More complex schemes, that
store data on the key itself -- only raise the bar slightly, since it's
usually pretty easy to see what needs to be force-fed back to the
application to make it happy.  Reading the time off the dongle (for
time-limited protection schemes) are equally hackable due to it being so
easy to set breakpoints on serial/parrallel IO events.

Without knowing more details about what you are trying to accomplish --
I'd suggest using some form of proven cryptography system as your method
of implementation.

Look at http://www.searchlores.org/protec/protec.htm
 . . . and STFW for old fravia.org essays on reversing dongled
applications.


Are there any dongle-based protection schemes that have been cracked, and
if so, how? (A pointer to a URL would be appreciated, if you have it.)


I haven't yet heard of one that _hasn't_ been cracked.
The best way to learn how to protect your software is to learn how to
reverse software yourself.


Thanks in advance.

HAL

________________________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

Current thread:

How secure are dongles for copy-protection? Harold Thimm (Jun 04)
- Re: How secure are dongles for copy-protection? shampster (Jun 05)
- Re: How secure are dongles for copy-protection? Ben Meghreblian (Jun 05)
- <Possible follow-ups>
- RE: How secure are dongles for copy-protection? Jonah Kowall (Jun 05)
- Re: How secure are dongles for copy-protection? Victor A. Rodriguez (Jun 05)
- Re: How secure are dongles for copy-protection? Felix Huber (Jun 05)
  - Re: How secure are dongles for copy-protection? Ryan Permeh (Jun 05)
    - RE: How secure are dongles for copy-protection? Pedro Hugo (Jun 05)
    - RE: How secure are dongles for copy-protection? c0ncept (Jun 05)
    - Re: How secure are dongles for copy-protection? Jordan Frank (Jun 06)
    - Re: How secure are dongles for copy-protection? shampster (Jun 05)
    - Re: How secure are dongles for copy-protection? Ryan Permeh (Jun 06)

(Thread continues...)