The Theoretically Uncrackable Model
Let’s ignore the current computing architectures and try to envision and define
the perfect solution: The Uncrackable Model. Fundamentally, the Uncrackable
Model is quite simple. All that’s needed is for software to be properly
encrypted with a long enough key, and for the decryption process and the
decryption key to be properly secured. The field of encryption algorithms
offers solid and reliable solutions as long as the decryption key is secure and
the data is secured after it is decrypted. For the first problem there are already
some solutions—certain dongle-based protections can keep the decryption
key secure inside the dongle (see section on hardware-based protections later
in this chapter). It’s the second problem that can get nasty—how do you
decrypt data on a computer without exposing the decrypted data to attackers.
That is not possible without redesigning certain components in the typical
PC’s hardware, and significant progress in that direction has been made in
recent years (see the section on Trusted Computing).Types of Protection
Let us discuss the different approaches to software copy protection technolo-
gies and evaluate their effectiveness. The following sections introduce media-
based protections, serial-number-based protections, challenge response and
online activations, hardware-based protections, and the concept of using soft-
ware as a service as a means of defending against software piracy.Media-Based Protections
Media-based software copy protections were the primary copy protection
approach in the 1980s. The idea was to have a program check the media with
which it is shipped and confirm that it is an original. In floppy disks, this was
implemented by creating special “bad” sectors in the distribution floppies and
verifying that these sectors were present when the program was executed. If
the program was copied into a new floppy the executable would detect that
the floppy from which it was running doesn’t have those special sectors, and
it would refuse to run.
Several programs were written that could deal with these special sectors
and actually try to duplicate them as well. Two popular ones were CopyWrite
and Transcopy. There was significant debate on whether these programs were
legal or not. Nowadays they probably wouldn’t be considered legal.314 Chapter 9