Re: Want to Protect my Software - Recommendations?



Hi Regina,

I only implement the copy "protection" for my own software, not
for reselling the copy protection solution. Why should I be concerned
with patents?
I was just pointing out common methods (Product Keys/Product
Activation) and semi-anonymous hardware signatures for identifying
unique installations (truncated hashing).

Why should I be concerned with patents?
That's a decision you have to make.

Jeff

On Aug 13, 10:59 am, holtz.reg...@xxxxxxxxxxxxxx wrote:
Jeff, I only implement the copy "protection" for my own software, not
for reselling the copy protection solution. Why should I be concerned
with patents? I am not going to compete with Microsoft or any other
evil empire. Can you explain?

Thanks,
Regina

On Aug 11, 4:04 pm, Jeffrey Walton <noloa...@xxxxxxxxx> wrote:

Hi Regina,

I've noticed there is not a lot of quality reading out there on the
topic, so what little I know is from reverse engineering of binaries
to see how they work and reading patent claims.

I want to protect my software such that upon invocation of installer,
it sends to my web site some hash of the customer's PC hardware
configuration

It seems the trend is towards truncated hashing. The truncation adds
hardware anonymity to the process. Truncated hashing is what Microsoft
uses in WPA. Adobe uses a Macrovision product, which in the past,
simply uses a hard drive serial number from a DeviceIoControl from a
custom driver. I've also noticed the Macrovision driver has gone
through a couple of revisions due to security vulnerabilities. N.B.:
Adobe does not update the driver they install, so they leave the hole
on your system. From Updating the Macrovision SECDRV.SYS Driver [1]:
"This driver update also addresses new public reports of a
vulnerability in the secdrv.sys driver on supported editions of
Windows Server 2003 and Windows XP..."

then in my web server a script will generate a matching
"unlock" key that will let the installer proceed and send it back to
the user (via HTTP).

This is typically done with a signature mechanism. If the server is
satisfied, it will sign a SUCCESS message and return it to the client.
If the validation fails at the server, the server signs a message
indicating FAIL.

Since I am still operating on a shoe string budget...

Ooops... Microsoft owns the intellectual property on the truncated
hashing gear - USP 6,243,468, "Software Anti-piracy System that Adapts
to Hardware Upgrades". In Europe, the patent is EP1452940.

For the product key stuff, the landscape is full of land mines. The
patent that sticks out with respect to product keys is that of Jason
DeMontt, USP 6,173,403, "Method and Apparatus for Distributing
Information Products".

I don't recall patents on signatures to validate an installation. If
you dig deep enough, you'll probably find something on the subject.

If you've got something working, hopefully it will not be claimed by a
troll. The trolls don't license their technologies - they wait for a
perceived violation and then litigate for damages. I recently read
that companies such as Google, Verizon, and HP are forming their own
coop to pool IP resources [2].

without having to be bound by the GPL license ...

Probably not what you were hoping for...

Jeff

[1]http://www.macrovision.com/promolanding/7352.htm
[2]http://valleywag.com/5020978/google-hp-and-others-form-league-of-extr...

[SNIP]
.



Relevant Pages

  • Re: Want to Protect my Software - Recommendations?
    ... hardware anonymity to the process. ... I've also noticed the Macrovision driver has gone ... Windows Server 2003 and Windows XP..." ... In Europe, the patent is EP1452940. ...
    (sci.crypt)
  • Re: Who reads this group, was How a Search Engine Might Assume a Query Implies a Site Search
    ... A newly granted patent from Google may assume that a searcher would ... Some search engines permit a user to restrict a search to a set of ... by including special characters or terms in the search query. ... interested in hardware at all, except as it affects their interactions ...
    (comp.sys.ibm.pc.hardware.chips)
  • Re: Fedora Desktop future- RedHat moves
    ... point of it being an interface. ... overpriced proprietary software is to make usable replacements for as ... Windows doesn't change its driver interface on a monthly basis, ... And Microsoft and other large corporations are trying to get the patent ...
    (Fedora)
  • Re: hash patent by AltNet; Python is prior art?
    ... > ZDnet features an article about the had patent at AltNet ... The use of hashing always requires an idnetity check, ... > limited amount of entries). ... being disputed here are cryptographic hashes, ...
    (comp.lang.python)
  • Re: The IBM Multimedia collaboration
    ... There's more info if you look at patent 5,515,474 ... looked her up when I needed some info about the driver. ... Although it was the Sound Blaster that put sound into computers (and defined ...
    (comp.sys.ibm.ps2.hardware)