Unique ID

Hi all,

I need to find out a way of geting an Unique ID from a computer.
I’ve used for some days #sn of hdd, but there are some problems on NT without admin privileage (after SP4).
Anyone can give me some clues? (i don’t wanna use no more #sn of hdd)

Thanks in advance,
Bogdan Coroi


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

use the mac address.

-----Original Message-----
From: Bogdan Coroi [mailto:xxxxx@cadsoft.ro]
Sent: Tuesday, May 01, 2001 8:20 AM
To: NT Developers Interest List
Subject: [ntdev] Unique ID

Hi all,

I need to find out a way of geting an Unique ID from a computer.
I’ve used for some days #sn of hdd, but there are some problems on NT
without admin privileage (after SP4).
Anyone can give me some clues? (i don’t wanna use no more #sn of hdd)

Thanks in advance,
Bogdan Coroi

You are currently subscribed to ntdev as: xxxxx@veritas.com
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Mac Address ? …
If so, there’s a sample at http://www.naughter.com/pjsecure.html
http:
He use both the mac address and the serial # from the hdd to uniquely
identify the computer.
Don’t know if it will work on NT without admin privilege though …

Pat

-----Original Message-----
From: Bogdan Coroi [mailto:xxxxx@cadsoft.ro]
Sent: Tuesday, May 01, 2001 11:20 AM
To: NT Developers Interest List
Subject: [ntdev] Unique ID

Hi all,

I need to find out a way of geting an Unique ID from a computer.
I’ve used for some days #sn of hdd, but there are some problems on NT
without admin privileage (after SP4).
Anyone can give me some clues? (i don’t wanna use no more #sn of hdd)

Thanks in advance,
Bogdan Coroi

You are currently subscribed to ntdev as: xxxxx@heenan.ca
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com</http:>

You can use TDI to query NIC ethernet address , which is unique. However , if your need this unique ID to identify a user machine for the purpose of “copy protection” don’t . First , those schemes are too weak & easy to break , second , if I where the user , I would not like the SW I aquired to run depending on Hw I have in my machine.

Best regards , Dan
----- Original Message -----
From: Bogdan Coroi
To: NT Developers Interest List
Sent: Tuesday, May 01, 2001 6:20 PM
Subject: [ntdev] Unique ID

Hi all,

I need to find out a way of geting an Unique ID from a computer.
I’ve used for some days #sn of hdd, but there are some problems on NT without admin privileage (after SP4).
Anyone can give me some clues? (i don’t wanna use no more #sn of hdd)

Thanks in advance,
Bogdan Coroi

You are currently subscribed to ntdev as: danp@jb.rdsor.ro
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Hi Pat,

I looked at the address bellow, but there are some problems:

  1. If one computer does not have a MAC…
  2. #sn from that source code is not the manufacture serial, is just a format serial, and it can be changed software by many applications.

Thank you very much for your help.
Bogdan Coroi
-----Original Message-----
From: Duquette, Patrick (MTL)
To: NT Developers Interest List
Date: Tuesday, May 01, 2001 7:23 PM
Subject: [ntdev] RE: Unique ID

Mac Address ? …
If so, there’s a sample at http://www.naughter.com/pjsecure.html
He use both the mac address and the serial # from the hdd to uniquely identify the computer.
Don’t know if it will work on NT without admin privilege though …

Pat

-----Original Message-----
From: Bogdan Coroi [mailto:xxxxx@cadsoft.ro]
Sent: Tuesday, May 01, 2001 11:20 AM
To: NT Developers Interest List
Subject: [ntdev] Unique ID

Hi all,

I need to find out a way of geting an Unique ID from a computer.
I’ve used for some days #sn of hdd, but there are some problems on NT without admin privileage (after SP4).
Anyone can give me some clues? (i don’t wanna use no more #sn of hdd)

Thanks in advance,
Bogdan Coroi

You are currently subscribed to ntdev as: xxxxx@heenan.ca
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

You are currently subscribed to ntdev as: xxxxx@cadsoft.ro
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Bogdan,

There is not a serial number in the system that could not be altered by
software before it gets to your app. Worse, there is no serial number that
is permanent. What if the user upgrades a hard drive, or network card or
motherboard? Now they have to call your company and get permission to use
their software again?? If you are using this to protect software that
costs anything under $50,000 US, please don’t torment your customers like
that. Locks that tie software to a machine are such a pain in the butt.
If I were emperor I would make this a capital offense :slight_smile: Hey, I know how
about that spiffy CPUID Intel came up with? Grrrr…

Bill M.

“The opinions expressed by me definitely don’t match those of anyone I have
ever worked for, they are uniquely my own!”

On 05/01/01, ““Bogdan Coroi” ” wrote:
> Hi Pat,
>
> I looked at the address bellow, but there are some problems:
> 1. If one computer does not have a MAC…
> 2. #sn from that source code is not the manufacture serial, is just a =
> format serial, and it can be changed software by many applications.
>
> Thank you very much for your help.
> Bogdan Coroi


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Hi Bill,
Intel’s CPUID purpose was to provide a consistent way of identifying
the processor family and characteristics without relying on devious
schemes and obscure processor flags… :slight_smile:

Now imagine the following scenario:
-The user does not have a MAC… :slight_smile:
-The spiffy “CPU serial nr ID «feature»” is disabled from BIOS… :slight_smile:

Ooops.

Personally I’m not very fond of uniquely IDentifying the equipment:
users will surely dislike that kind of “feature”. But if you *really*
need
to do that, my tip is to follow an “obscure” approach (don’t quote me
on this) and use a key made up of a mixture of a few “fixed”
characteristics (e.g. the CPU characteristics - OK, Bill, now use the
CPUID… :slight_smile: - and some clever hdd and BIOS checksums…). But, as
I said, it’s highly user-unfriendly and it won’t give you a 100%
*unique* ID… Of course, you could always pack your software with
a hardware dongle… :)))

Miguel Monteiro
xxxxx@criticalsoftware.com
www.criticalsoftware.com

«Humour and love are God’s answers
to Human weaknesses»

On Wednesday, May 02, 2001 1:46 AM, ““Bill M.” ”
wrote:
>Bogdan,
>
>There is not a serial number in the system that could not be altered by
>software before it gets to your app. Worse, there is no serial number
that
>is permanent. What if the user upgrades a hard drive, or network card
or
>motherboard? Now they have to call your company and get permission to
use
>their software again?? If you are using this to protect software that
>costs anything under $50,000 US, please don’t torment your customers
like
>that. Locks that tie software to a machine are such a pain in the
butt.
>If I were emperor I would make this a capital offense :slight_smile: Hey, I know
how
>about that spiffy CPUID Intel came up with? Grrrr…
>
>Bill M.
>
>“The opinions expressed by me definitely don’t match those of anyone I
have
>ever worked for, they are uniquely my own!”
>
>On 05/01/01, ““Bogdan Coroi” ” wrote:
>> Hi Pat,
>>
>> I looked at the address bellow, but there are some problems:
>> 1. If one computer does not have a MAC…
>> 2. #sn from that source code is not the manufacture serial, is just a
=
>> format serial, and it can be changed software by many applications.
>>
>> Thank you very much for your help.
>> Bogdan Coroi


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

Most of the protection schemes Ive seen in my life where doomed from start ,
mainly because the team which implemented them did not made any effort to
look at their product
from the perspective of an attacker. Even using a powerfull dongle might
prove inefficient , because you still have to use wisely the features of the
dongle , a task which many developers fail to accomplish. As for “obscure”
approches , security trough obscurity is
known not to work – is a fact which was proved too many times. Combine
cryptographic tehniques with traditional approaches , and add a strong
anti-debugging layer to your product. As for tracking leaks from customers
to the pirate market , I used with success
watermarking of excutables , i.e there are means to generate for every
customer a unique
executable which would identify him at any time , and if this is clever
implemented , those watermarks are extremly hard to be removed. This will
work if you have a relative small
consumer market for your program.

Best regards , Dan

----- Original Message -----
From: “Miguel Monteiro”
To: “NT Developers Interest List”
Sent: Wednesday, May 02, 2001 11:29 AM
Subject: [ntdev] RE: Unique ID

> Hi Bill,
> Intel’s CPUID purpose was to provide a consistent way of identifying
> the processor family and characteristics without relying on devious
> schemes and obscure processor flags… :slight_smile:
>
> Now imagine the following scenario:
> -The user does not have a MAC… :slight_smile:
> -The spiffy “CPU serial nr ID «feature»” is disabled from BIOS… :slight_smile:
>
> Ooops.
>
> Personally I’m not very fond of uniquely IDentifying the equipment:
> users will surely dislike that kind of “feature”. But if you really
> need
> to do that, my tip is to follow an “obscure” approach (don’t quote me
> on this) and use a key made up of a mixture of a few “fixed”
> characteristics (e.g. the CPU characteristics - OK, Bill, now use the
> CPUID… :slight_smile: - and some clever hdd and BIOS checksums…). But, as
> I said, it’s highly user-unfriendly and it won’t give you a 100%
> unique ID… Of course, you could always pack your software with
> a hardware dongle… :)))
>
> Miguel Monteiro
> xxxxx@criticalsoftware.com
> www.criticalsoftware.com
> ------------------------------------------------------------
> «Humour and love are God’s answers
> to Human weaknesses»
> ------------------------------------------------------------
>
> On Wednesday, May 02, 2001 1:46 AM, ““Bill M.” ”
> wrote:
> >Bogdan,
> >
> >There is not a serial number in the system that could not be altered by
> >software before it gets to your app. Worse, there is no serial number
> that
> >is permanent. What if the user upgrades a hard drive, or network card
> or
> >motherboard? Now they have to call your company and get permission to
> use
> >their software again?? If you are using this to protect software that
> >costs anything under $50,000 US, please don’t torment your customers
> like
> >that. Locks that tie software to a machine are such a pain in the
> butt.
> >If I were emperor I would make this a capital offense :slight_smile: Hey, I know
> how
> >about that spiffy CPUID Intel came up with? Grrrr…
> >
> >Bill M.
> >
> >“The opinions expressed by me definitely don’t match those of anyone I
> have
> >ever worked for, they are uniquely my own!”
> >
> >On 05/01/01, ““Bogdan Coroi” ” wrote:
> >> Hi Pat,
> >>
> >> I looked at the address bellow, but there are some problems:
> >> 1. If one computer does not have a MAC…
> >> 2. #sn from that source code is not the manufacture serial, is just a
> =
> >> format serial, and it can be changed software by many applications.
> >>
> >> Thank you very much for your help.
> >> Bogdan Coroi
>
>
>
> —
> You are currently subscribed to ntdev as: danp@jb.rdsor.ro
> To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com
>


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

> that. Locks that tie software to a machine are such a pain in the butt.

If I were emperor I would make this a capital offense :slight_smile: Hey, I know how
about that spiffy CPUID Intel came up with? Grrrr…

CPUID is not a solution too because people upgrade CPUs.

Max


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

> Most of the protection schemes Ive seen in my life where doomed from start
,

mainly because the team which implemented them did not made any effort to
look at their product
from the perspective of an attacker. Even using a powerfull dongle might
prove inefficient , because you still have to use wisely the features of
the
dongle , a task which many developers fail to accomplish. As for “obscure”

Especially if the cracker already has at his disposal the copy of the legal
app and the dongle.
Writing a LPT filter driver and monitoring all dongle traffic will help a
lot.

Max


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com