The whole debate of copy protection is taking an interesting turn this time around. I too believe that people outside of the U.S are severely at a disadvantage using the current key system. An interesting point about the copy protection currently in use is that it would be relatively simple to supply a customized executable via the internet that could install a valid (time limited) key on the hard drive which could get someone up and running until a new keydisk could be shipped to them via the mail. This is really simple (less than 100 lines of code) and HJ could even have a template in place where they enter a few values and the program is automatically compiled for them (can we say makefiles boys and girls) an extention on this would be to ship a password with jfw when it is sold that could be used (along with the serial number) to retrieve such a program (dynamic compilation) from the web site if/when it is needed. This is all really trivial, something that would take a day at most to whip up. As far as copy protection goes, an old addage applies. If it can be created on a normal drive, it can be copied on a normal drive. This leaves HJ and other companies who copy protect their software with a number of options, none of which are optimal. The first is to use hardware based copy protection (either through the use of a dongle or a specially created disk with physically damaged sectors). Either of these are very difficult to copy (I say difficult since Autodesk found out the hard way that autocad dongles could be reverse-engineered, and anyone with access to a precision laser can do the sector damage thing themselves) but they also add considerably to the cost of the product (in the case of dongles around $25, and in the case of manufactured disks usually considerably more) and they're an inconvenience to the end user, more so than the current copy protection system. Another is to use a cd key (or similar serial number based copy protection system). This doesn't work for the simple reason that it prevents HJ from being able to release full updates over the web. This is the reason that Microsoft do it and HJ don't, because Microsoft never release full products on the web like HJ can because of the need for a key disk to run them. You can't check the original cd in the same way you can a keydisk because you don't have direct access to the cd rom drive under windows. Another option is so called cpu locking (so called because its hardly ever, if ever, done on the cpu). This is the way most companies will head with the new Pentium III cpus. This is great because you can just reinstall if something happens to your hard drive, but it too has a number of limitations. The first is that there is no way to limit the number of installs, Just borrow a friend's copy and install it on your machine, even though you can't back it up and restore it to a new machine you still have a working version. The second is that the program is bound to one particular piece of hardware (there are several good candidates inside each machine) and if that particular piece of hardware is changed your copy becomes invalid. The way around this is to have a lock code system whereby the program runs on the machine, generates a lock code and an appopriate unlock code is supplied by the manufacturer which bases itself on values in the lock code determined by the hardware. This can be implemented over the web and is probably the best way of copy protecting software to date. You can limit the number of unlock codes that can be generated by the web page for each serial number and the whole process can be automated if you want. HJ hasn't done this because it would require a complete engineering overhall, and its a *lot* of work. and if someone guesses the scheme you are using to generate unlock codes you're basically stuffed. So you have to invest lots of time in developing a decent scheme (a one way hash of the data is one way of doing this, an asymetric key cypher is another.) The other way to do it is the HJ approach. Choose a relatively secure copy protection system and figure that noone is going to try to copy it. Lets look at the piracy scene a bit to understand this mentality. Most of the piracy is done by sighted teenagers who could make a great living out of generating copy protection schemes that really work. There is one big factor that prevents effective hacking by blind people, and that is the lack of a decent talking debugger for windows. HJ correctly figure that the piracy groups who are the main threat to software companies who use copy protection won't give two thoughts to the protection on jaws because the end result would be a program that is essentially useless to them. So the copy protection system really only has to be strong enough to deter the casual pirate and the rest will pretty much take care of itself. I dare say they also go on the assumption that anyone who _did_ break the copy protection would be a registered owner anyway (how else would you get a keydisk) and hence would be unwilling to hand out copies. This too would be a safe assumption, quite apart from the fact that you'd be doing a fine company out of good money that they rightfully deserve to be paid, you'd also be opening yourself up for all sorts of lawsuites. So, the current approach is both the safest bet for hj and the most economic for the users. A point on the cost of replacement keydisks, quite apart from shipping costs, it costs HJ to generate a keydisk for us (yes, their copy protection system is copy protected itself). So they have to pay each time they generate one. The only approach they could take without incurring large redevelopment costs would be to implement the above mentioned web system and build the cost of a couple of replacements into the price of jfw (we're talking an extra dollar or two). Perhaps this is something HJ could look at in the future. Anyway, thats my little justification for HJ's actions. Regards Aaron -- Aaron Howell Kitten Internet. [EMAIL PROTECTED] Unix/Networking support/system integration irc: DaRkAnGeL +61-417-625550 I love you Nessa, now, forever, always! - Visit the jfw ml web page: http://jfw.cjb.net
