Re: How can I identify a system uniquely using MFC code
- From: Joseph M. Newcomer <newcomer@xxxxxxxxxxxx>
- Date: Tue, 13 Jun 2006 09:27:47 -0400
You point out the absurdity of most hand-rolled "copy protection" schemes. Look how much
more complex your solution is, and I suspect it is just a beginning, based on some of the
consulting I've done. The actual copy protection means in most proprietary products is
considered secret for obvious reasons, but I've worked with several clients who thought
they'd "solved" the problem on their own ("we don't need to spend money on some commerical
product!"), and I was able to demonstrate ways of cracking their schemes within a day (I
used to have an anonymous account that I used to lurk on cracker newsgroups. Anyone who
thinks they can roll their own copy protection scheme should do this first. Discover how
trivial it is to crack ANY software-only scheme. Realize that even the best commercial
software-only products, written by experts in these areas, are highly vulnerable. Then
give up and get a hardware-related product with a dynamic challenge-response mechanism and
high-level encryption, and you MIGHT have a chance of keeping your software secure...)
joe
On Mon, 12 Jun 2006 20:06:05 -0700, "Ed Weir \(ComCast\)" <Anon@xxxxxxxx> wrote:
"Bruno van Dooren" <bruno_nos_pam_van_dooren@xxxxxxxxxxx> wrote in messageJoseph M. Newcomer [MVP]
news:ug75QYgjGHA.3440@xxxxxxxxxxxxxxxxxxxxxxx
|> I am working on a MFC application. I need to identify every
| > system which uses this application. How can I do this using MFC? Is
there
| > any unique identifier for a PC which can be retrieved using MFC?
|
| You can find the computer SID in the registry.
| More details over here:
| http://www.sysinternals.com/Utilities/NewSid.html
|
| --
|
| Kind regards,
| Bruno van Dooren
| bruno_nos_pam_van_dooren@xxxxxxxxxxx
| Remove only "_nos_pam"
This use of an SID is woefully inadequate for security, as the site you have
referenced illustrates so well; anyone can change the SID of a computer, so
how can we expect the data on our hard disk to be secure? This is just one
more example of dangerous security assumptions and coding done by the
'experts' at MSFT.
A more secure method would be to create a one-way sha-256 or AES-256 hash
of:
1.) volume ID + SN
2.) User ID
3.) User domain
4.) Machine name
5.) OSINFO
6.) User PIN or passphrase
to lock the user to the hardware in use. In the event of a hardware failure
the last element can be used to recover the ID if necessary. There is of
course more to it than this, certain code which needs to be written to
implement the hash and to later validate it as well as to recover the ID
after hardware failure or machine migration.
Point is, the SID is anything BUT secure...
-- Ed.
-----------------------------------------------------
hex->bin->b64
F9E7707A2AF502D0A899C6ACB43A2D35EB7E
email: newcomer@xxxxxxxxxxxx
Web: http://www.flounder.com
MVP Tips: http://www.flounder.com/mvp_tips.htm
.
- Follow-Ups:
- Re: How can I identify a system uniquely using MFC code
- From: Ed Weir \(ComCast\)
- Re: How can I identify a system uniquely using MFC code
- References:
- How can I identify a system uniquely using MFC code
- From: Sachin Bhave
- Re: How can I identify a system uniquely using MFC code
- From: Bruno van Dooren
- Re: How can I identify a system uniquely using MFC code
- From: Ed Weir \(ComCast\)
- How can I identify a system uniquely using MFC code
- Prev by Date: Re: VS2005 and VS 6.0
- Next by Date: Re: here is a question about BITMAP
- Previous by thread: Re: How can I identify a system uniquely using MFC code
- Next by thread: Re: How can I identify a system uniquely using MFC code
- Index(es):
Relevant Pages
|
Loading
