At 20:10 -0600 on 12/28/2011, Brian Westerman wrote about Re: cpu /
machine identification:
That's a good point, our code does put out the message at startup
about the site it's licensed to. But if someone was going to run it
purposely and not pay, zapping the one instance of the name is not
as hard as changing every page of a 300 page book.
That (Zapping the Registered Licensee Field) is not that hard to work
check for. You do a check sum on the field and spot when it has been
done. The routine to do this does not need to be hard coded but can
be built on the fly as the the program executes. The same built on
the fly code can also issue the ID message if the original field has
been hacked. The use of built on the fly code and placing the result
in a STORAGE acquired area makes it harder to find an circumvent (the
actual build code is hidden by being interleaved in normal code that
needs to run not as a simple block of code that can be bypassed by a
zapped in branch).
I have seen this type of code in commercial products that I was
responsible for developing and maintaining so I know it can and has
been done. It is simple "Just In Time" type compilation.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
