On Wed, 22 Apr 2020 14:33:08 -0700 (PDT), Quadibloc <jsa...@ecn.ab.ca> wrote:
>On Wednesday, April 22, 2020 at 2:18:56 PM UTC-6, Lynn McGuire wrote:
>
>> We have been thinking about not allowing our software to run until a
>> successful decryption of the password is performed and then download a
>> crucial part, such as a Win32 DLL. We are already a 140+ MB download
>> that expands to 300 MB so another small DLL would not be a significant
>> burden. But getting through some of our customers' firewalls is tricky,
>> especially at the refineries.
>
>While making E-mail sent to people - if the threat model is that the hackers can
>only read the E-mails, and can't hack either your or the recipient's computer -
>secure is trivial, protecting software isn't, because here the hackers have
>access.
>
>The best practice I can suggest is:
>
>Ship the software in an encrypted form, without including the decryption key
>anywhere with the product.
>
>If you do that, how does the customer get to use the software?
>
>Well, it comes with an installer. The installer randomly generates a serial
>number, the customer phones in and gets an activation key.
If the serial number is random, how can your server tell it isn't
dealing with an unlicensed copy, which will have its /own/ random
serial number?
>The trick is that the "activation key", in addition to telling the installer
>(which the hackers, of course, will have disassembled, so they know exactly what
>it does) "yes", this is the right activation key, would also contain the key for
>decrypting the software.
And when the software needs to be reinstalled because of a glitch that
wiped the hard drive, will this still work?
>But all this achieves is forcing the hackers to purchase _one_ copy of your
>software before they can crack it. With encryption as the only tool available,
>you can't really do better than that.
>
>Now, if you had a way to avoid giving out activation keys except to legitimate
>customers not _in_ Russia or China, though, it could be enough.
You /could/ go back to some of the early computer games' practices.
OK, actually burning a hole in the media and writing the software to
not work unless it is there is not really practical any more.
But including a special booklet of unphotocopiable material and
requiring the user to find a bit of it, read it with the one set of
special colored glasses included that makes the text readable and type
in what he finds there might still work. You might not need to mail it
/if/ you can provide an image that, even when printed, works the same
way. I'm thinking here that a binary image file is rather hard to read
text encoded in binary in the image which is needed to run the program
from, although I could be wrong about that.
Be irritating as hell for legitimate users, though.
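
Added example, not part of either poster's message and not code from any product: a Python model of the quoted activation scheme, in which the activation key both confirms itself to the installer and carries the decryption key. The key values, the SHA-256 pad derivation and every function name are assumptions made for illustration.

```python
import hashlib
import secrets

# Vendor side: one content key protects every shipped copy (constructed value).
CONTENT_KEY = hashlib.sha256(b"constructed demo content key").digest()
# Shipped in the installer: a hash of the key, enough to answer "yes" or "no".
KEY_CHECK = hashlib.sha256(b"check" + CONTENT_KEY).digest()


def _pad(serial: str) -> bytes:
    # Public derivation: anyone who disassembles the installer can compute it.
    return hashlib.sha256(b"activation-pad" + serial.encode()).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def new_serial() -> str:
    """Installer: random per-install serial the customer reads to the vendor."""
    return secrets.token_hex(8)


def issue_activation(serial: str) -> str:
    """Vendor: wrap the content key so it unwraps only under this serial.
    The serial itself says nothing about who is asking; deciding whether to
    issue has to rest on something else, such as a purchase record."""
    return _xor(CONTENT_KEY, _pad(serial)).hex()


def activate(serial: str, activation_key: str):
    """Installer: return the content key, or None for a wrong activation key."""
    try:
        raw = bytes.fromhex(activation_key)
    except ValueError:
        return None
    if len(raw) != 32:
        return None
    candidate = _xor(raw, _pad(serial))
    check = hashlib.sha256(b"check" + candidate).digest()
    return candidate if secrets.compare_digest(check, KEY_CHECK) else None


if __name__ == "__main__":
    s1, s2 = new_serial(), new_serial()
    k1 = issue_activation(s1)
    print("install 1 activates:", activate(s1, k1) == CONTENT_KEY)
    print("same key on a new install:", activate(s2, k1))  # reinstall needs a new key
    # Every successful activation yields the same content key for all copies.
    print("shared key:", activate(s2, issue_activation(s2)) == activate(s1, k1))
```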