> So, my real question is, why isn't everyone demanding that the > hardware manufacturer incorporates a unique serial number, or > unique ID of some type, that is Read Only on every device? > One extra 25 cent chip on every device, that's all it would take.
i've ignored the rest of this thread - mainly because everyone else has brought up the relevant issues. but no-one really talked about a reply to this original question. since i wrote the whitepaper on this, here is the url in the knowledgebase http://kb.palmsource.com/cgi-bin/palmsource.cfg/php/enduser/std_adp.php?p_faqid=131 the bottom line is this. if there was a hardware "lock", it has to be checked somewhere in software; and, modifying the software is quite an easy task. at some point, there is a check, to verify the hardware lock against the registration. a simple negation of this check will normally mean it is no longer unregistered. in my paper i outlined ideas like doing encyrption and checksum checks - but, eventually in order to execute the code; it must be in pure assembly format. with the tools available on the palm these days, it is quite easy to dump a memory chunk (ie: the code decrypted) and then reverse engineer the encryption. most systems like this have symmetric encryption techniques. (need to get back to the original data). the only truely proven "protection" is what is implemented on the tapwave zodiac (which, i was also involved in). the concept there is that the zodiac requires that the application have a digitial signature in order to use its API's. the digital signature can be locked to a specific person, an SD card or whatever. its built into the rom, so modifying the application doesn't help. http://www.mobilewizardry.com/references/tapwave.php i think you get the idea tho. DRM is a tricky system especially when you have to implement it all in software; we have had a few ideas that have been quite successful to prevent the spread of piracy - but, they all get broken eventually. one project i am involved in (www.drcompanion.com) locks the contents of the software to the SD card. so, copying it between cards isn't possible (of course it is, but, very painstaking). faking the SD card rom identifier is quite nasty on palmos :) its much easier to fake the hotsync username or the rom id (flash rom) - and, i even wrote an application to do this on an app-by-app basis: http://www.ardiri.com/palm/hackme/ http://www.ardiri.com/index.php?redir=palm&cat=hackme&subcat=scrnshot i think someone else mentioned it here in one of the followup threads. of course, |HaCkMe| exists for OS5 for my own personal use :) you would be surprised how many emails i get per day asking for a working OS5 version :) also, look how simple it was to use :) --- Aaron Ardiri (Skype:: callto://ardiri) PalmOS Certified Developer [EMAIL PROTECTED] http://www.mobilewizardry.com/members/aaron_ardiri.php -- For information on using the Palm Developer Forums, or to unsubscribe, please see http://www.palmos.com/dev/support/forums/
