Having trouble finding anything like this. My company wants to be able to
have me make software installation CDs that are locked to only working on a
specific laptop - keyed to the laptop's NIC MAC address. Does anyone know
of a utility package that helps with this ?
Post removed (X-No-Archive: yes)
"Sebastian Gottschalk"
news:57uvgnF2e68r2U1@mid.dfncis.de...
>G H wrote:
>
>> Having trouble finding anything like this. My company wants to be able
>> to
>> have me make software installation CDs that are locked to only working on
>> a
>> specific laptop - keyed to the laptop's NIC MAC address. Does anyone
>> know
>> of a utility package that helps with this ?
>
> Counter-question: Why are you trying something that is obviously insecure?
> Either that or you're off-topic here (this is comp.*security*.misc).
Our Users are almost all remote - and sometimes need software installation
files. We want to be able to ship the User a CD with whatever software they
need, but want to make sure they only install the software on the company
owned laptop. We were thinking that if there is a way to lock the CD to the
laptop's MAC address - then it would only work on that laptop.
Post removed (X-No-Archive: yes)
1) We aren't planning on telling the User what the software is checking for
(hoping that the software would be discrete about this)
2) Average User has trouble keeping from confusing their email password
from their login password. Doubt they would be able to figure out how the
CD is checking their system, and know how to spoof it.
And I'm sorry, but don't see any options in Outlook Express for my 'quoting
style'.
"Sebastian Gottschalk"
news:57v0ajF2edpr8U1@mid.dfncis.de...
>G H wrote:
>
>> Our Users are almost all remote - and sometimes need software
>> installation
>> files. We want to be able to ship the User a CD with whatever software
>> they
>> need, but want to make sure they only install the software on the company
>> owned laptop. We were thinking that if there is a way to lock the CD to
>> the
>> laptop's MAC address - then it would only work on that laptop.
>
> Beside that this is generally not securely possible, what exactly stops
> the
> user from simply changing his MAC address to match your choice?
>
> (BTW: Please fix your quoting style!)
Post removed (X-No-Archive: yes)
"G H"
> "Sebastian Gottschalk"
> news:57uvgnF2e68r2U1@mid.dfncis.de...
> >G H wrote:
> >
> >> Having trouble finding anything like this. My company wants to be able
> >> to
> >> have me make software installation CDs that are locked to only working on
> >> a
> >> specific laptop - keyed to the laptop's NIC MAC address. Does anyone
> >> know
> >> of a utility package that helps with this ?
> >
> > Counter-question: Why are you trying something that is obviously insecure?
> > Either that or you're off-topic here (this is comp.*security*.misc).
>
> Our Users are almost all remote - and sometimes need software installation
> files. We want to be able to ship the User a CD with whatever software they
> need, but want to make sure they only install the software on the company
> owned laptop. We were thinking that if there is a way to lock the CD to the
> laptop's MAC address - then it would only work on that laptop.
Is this software your company has written?
Or are you supporting remote users who need a variety of vendor
supplied software that you're snail mailing CD's for?
How many users are you supporting? License keys are generally the way
this sort of piracy prevention stuff gets done. License keys that get
validated with an internet site so that a given key can be used only
once and validated against known users who've paid. If your userbase
is small enough and cost of piracy large enough to have someone be
able to deal with legit users needing to reinstall after a system
rebuild, then perhaps that'd be a more effective deterrent, and less
prone to support issues. When you do goofy hardware things like this,
you will raise hte bar for the casual user, but not terribly high.
Just takes one person to post on a forum "hey, it uses MAC
address--spoof that, here's the workaround" to undo such a "security
through obscurity" method.
--
Todd H.
http://www.toddh.net/
In article <57v1vbF2dvg75U1@mid.dfncis.de>,
Sebastian Gottschalk
> G H wrote:
>
> > 1) We aren't planning on telling the User what the software is checking
> > for
> > (hoping that the software would be discrete about this)
>
> And what exactly stops them from finding out? Or from duplicating
> conditions?
>
> > 2) Average User has trouble keeping from confusing their email password
> > from their login password. Doubt they would be able to figure out how the
> > CD is checking their system, and know how to spoof it.
>
> Who cares for the average user? You only need one competent user to crack
> your software, the other ones will use Google or IsoHunt to find that
> cracked software. In your case one wouldn't even need a crack.
It sounds like they're not worried about users determined to get around
the policy, just casual or accidental attempts to install on the wrong
PC.
--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
Post removed (X-No-Archive: yes)
Exactly !!!
Anyone that really wants to steal the software, can download a torrent or go
onto any P2P system. We just want to stop the 'helpful' employee that wants
to be nice to his relatives and neighbors. Or in some cases, visiting
co-workers (we've got offices around the globe).
"Barry Margolin"
news:barmar-C73DAA.20551509042007@comcast.dca.giganews.com.. .
> In article <57v1vbF2dvg75U1@mid.dfncis.de>,
> Sebastian Gottschalk
>
>> G H wrote:
>>
>> > 1) We aren't planning on telling the User what the software is
>> > checking
>> > for
>> > (hoping that the software would be discrete about this)
>>
>> And what exactly stops them from finding out? Or from duplicating
>> conditions?
>>
>> > 2) Average User has trouble keeping from confusing their email
>> > password
>> > from their login password. Doubt they would be able to figure out how
>> > the
>> > CD is checking their system, and know how to spoof it.
>>
>> Who cares for the average user? You only need one competent user to crack
>> your software, the other ones will use Google or IsoHunt to find that
>> cracked software. In your case one wouldn't even need a crack.
>
> It sounds like they're not worried about users determined to get around
> the policy, just casual or accidental attempts to install on the wrong
> PC.
>
> --
> Barry Margolin, barmar@alum.mit.edu
> Arlington, MA
> *** PLEASE post questions in newsgroups, not directly to me ***
> *** PLEASE don't copy me on replies, I'll read them in the group ***
Post removed (X-No-Archive: yes)
"Todd H."
news:84zm5hz95b.fsf@ripco.com...
> "G H"
>
>> "Sebastian Gottschalk"
>> news:57uvgnF2e68r2U1@mid.dfncis.de...
>> >G H wrote:
>> >
>> >> Having trouble finding anything like this. My company wants to be
>> >> able
>> >> to
>> >> have me make software installation CDs that are locked to only working
>> >> on
>> >> a
>> >> specific laptop - keyed to the laptop's NIC MAC address. Does anyone
>> >> know
>> >> of a utility package that helps with this ?
>> >
>> > Counter-question: Why are you trying something that is obviously
>> > insecure?
>> > Either that or you're off-topic here (this is comp.*security*.misc).
>>
>> Our Users are almost all remote - and sometimes need software
>> installation
>> files. We want to be able to ship the User a CD with whatever software
>> they
>> need, but want to make sure they only install the software on the company
>> owned laptop. We were thinking that if there is a way to lock the CD to
>> the
>> laptop's MAC address - then it would only work on that laptop.
>
> Is this software your company has written?
>
> Or are you supporting remote users who need a variety of vendor
> supplied software that you're snail mailing CD's for?
>
> How many users are you supporting? License keys are generally the way
> this sort of piracy prevention stuff gets done. License keys that get
> validated with an internet site so that a given key can be used only
> once and validated against known users who've paid. If your userbase
> is small enough and cost of piracy large enough to have someone be
> able to deal with legit users needing to reinstall after a system
> rebuild, then perhaps that'd be a more effective deterrent, and less
> prone to support issues. When you do goofy hardware things like this,
> you will raise hte bar for the casual user, but not terribly high.
> Just takes one person to post on a forum "hey, it uses MAC
> address--spoof that, here's the workaround" to undo such a "security
> through obscurity" method.
>
>
> --
> Todd H.
> http://www.toddh.net/
This is for things like the different VPN clients (different ones for
different countries and domains) - (this comes up when a User transfers from
like Mexico to India), updated versions of productivity software (MS Office,
Photoshop, etc). We overnight (snail mail) the CD when downloading across
the Internet takes hours (over 6 hours for Office 2003), which the Users
cannot or will not wait around that long for downloading . Also keep in
mind that we've got Users that get confused by having to provide a strange
ID and password for the FTP site. We were changing the password routinely
so that the Users wouldn't be able to use the password for any length of
time. We can't stop Users from 'forgeting to ship back the CD' or simply
making a copy before sending it back.
License keys don't seem a solution as we only got 1 key when we bought 300
seats of MS Office 2003. When purchased bulk, they give a key thats limited
to 300 seats. Lets say we send out 100 CDs, each User installs the software
3 times each - and then when we go to use the key the 101st time, we get
told that we've exceeded the seat limit. When we call Microsoft, they are
able to list to us the 300 MAC addresses that go to the computers that our
key has been used on.
In article
>
>"Sebastian Gottschalk"
>news:57uvgnF2e68r2U1@mid.dfncis.de...
>>G H wrote:
>>
>>> Having trouble finding anything like this. My company wants to be able
>>> to
>>> have me make software installation CDs that are locked to only working on
>>> a
>>> specific laptop - keyed to the laptop's NIC MAC address. Does anyone
>>> know
>>> of a utility package that helps with this ?
>>
>> Counter-question: Why are you trying something that is obviously insecure?
>> Either that or you're off-topic here (this is comp.*security*.misc).
>
>Our Users are almost all remote - and sometimes need software installation
>files. We want to be able to ship the User a CD with whatever software they
>need, but want to make sure they only install the software on the company
>owned laptop. We were thinking that if there is a way to lock the CD to the
>laptop's MAC address - then it would only work on that laptop.
>
Or any other machine they want. While it's not often done, the administrative
owner of a machine can reset the MAC to be whatever he wants.
--
Christopher Mattern
NOTICE
Thank you for noticing this new notice
Your noticing it has been noted
And will be reported to the authorities