On Mon, Oct 23, 2000 at 09:51:38AM +0200, Aaron Ardiri wrote:
> actually, the purpose of the paper is not to encourage people to
> write "crippleware". have you ever thought that maybe, the purpose
> of the paper is to educate developers?
>
> how many developers think:
>
> - what type of licensing should i use?
> - my software is easialy cracked
> - how can, if i want, add some protection to deter some of them?
> - and finally, is it REALLY worth it?
>
> the bottom line is that regardless what you do, it is not worth it.
>
> also, you may be too much into focusing on your hardware and miss a
> future possibility with this type of research. how open minded are
> you? what do you think this type of research can be applied to?
The field of cryptography is closely related since a lot of attacks
relate to compromising the key instead of trying to break the actual
encryption. This is well researched. I doubt you will find something
new here, and the applications overlap.
Have you read Bruce Schneier's "Applied Cryptography"? If not, you
are trying to present Faraday to someone who already knows Maxwell.
And that is the standard beginning text.
> this is a research paper, i can see many future possibilities.
Now I am confused. You are looking into the future, but have you
investigated that state of the art (or even the state of the art a
decade ago after the Amiga and Atari ST reached their zenith and had
their optimal "crack-proof" code)? Or the larger market of the PC
and/or Mac? This would be the starting point for research for the
topic.
Unless you have something completely different then you have been
describing so far, it sounds like you will be presenting Basic
Software Protection Technology 1986.
This might be why I am not taking you seriously. Your cracker war
doesn't make you an expert in security. And I was in your position
over a decade ago, so your "research" sounds very stale. If you were
presenting it one layman's overview my attitude would be different. I
may know some of the answers to what the future holds, and I do know
what happened in the past.
The only future possibility I can see is the movement to OpenSource
(Maybe I should write a paper on why you should NOT protect your
software, but Palm should be able to get Eric Raymond who can do a
much better job, which is exactly the point of the OS movement). Have
you read his papers on the OpenSource movement? His arguments are
mainly ones of economic efficiency. Is this form of licensing going
to get an overview (if not it is incomplete).
But I am curious. What possibilities do you see? Wireless servers,
so you have to subscribe to run the programs? Hardware keys using
protected memory cards or something similar? More elaborate software
schemes? Something that isn't or wasn't used in the last three
decades on another platform?
> if you want to criticise, lets be constructive about it. i knew
> there would be a lot of critcism behind this paper - but heck, the
> community must be informed of what is going on.
I assume they know, or have a good idea, at least if they are a
commercial outfit, and PalmSource is not a hobby programmer
convention.
The issue of licensing might be more sticky than you know - it isn't
merely assigning a label - the law varies by country and even by
state, and if you do things wrong you might end up with liability.
Proper licensing by itself should be more than one paper or session.
And there are legal implications of some protection schemes. If you
are not presenting correct information in this area you will be doing
more harm than good.
And the history of software protection is interesting, but that book
is on a much later chapter. It would be tragic if Palm programmers
learned from their own mistakes instead of the mistakes of others.
--
For information on using the Palm Developer Forums, or to unsubscribe, please see
http://www.palmos.com/dev/tech/support/forums/
