[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "uncrackable" executables



>As to altering MS-DOS executables, the only option that I see

>that someone cannot go through is a dongle with the MD5
>image signed by your public key burned on the ROM.  

And what code is checking that the program which is fed through the dongle
actually verifies?  Why, code in the file itself, which can be fairly
easily removed from the program, thus removing the need for the dongle.

>The
>dongle will be optional, and for user verification that
>the program works.  

That's the problem: the dongle IS always optional.  It plays no part in
how the program runs, and thus removing it from the protection "protocol"
(to use that word's widest definition) is comparitively trivial.  What
you need to do is to make sure that the dongle plays some major role
in the way in which the program runs, and as I have said on this list
recently, the commonest way this is done is to have the dongle server
constants to the program.  Even this is reverse engineerable, but at
a much greater cost.

The ultimate dongle would be one which contains additional computing
resources (say, a coprocessor), the duplication of which would render
reverse engineering at the same level of difficulty as building one
from scratch.  Thus the program is dependent on the dongle, which
enforces your protection protocol in hardware.

>I wonder if one can boot off the dongle...

Not on PC boxes (with the possible expection of the cartridge port on the
PC Jr.  Am I showing my age or what? :)

Actually, if by dongle you meant a plug-in-card, yes it is possible.  But
most people would not accept the loss of a card slot for a dongle unless
it did actively assist in running the program, and it is still a major
on-cost for the program.

							Ian.