:internet nodes around somewhere...). While the might of bands like :Paranoimia, Skid Row, and Razor 1911 are usually concentrated on games, :their expertise applies equally well to "serious" software - it's just :that games are more marketable/popular and thus get the crackers' names :to more people. ::PS - the example above is an overestimate - it often happens that :software is cracked and distributed within HOURS of release. There is a *considerable* difference between kiddy hackers breaking game protection, and breaking a cryptographically secure protocol. What the kiddy hackers do is try to unravel layers of security through obscurity. With the kind of problem we're talking about, all the code is actually released into the public domain, available for inspection. The security resides in things like the difficulty of inverting complex 1:1 hash functions which were modified by a secret key, or of factoring the products of large primes, which has been shown to be beyond our best mathematicians, and these spotty little kids *ain't* our best mathematicians, by a long chalk. G
There is a *considerable* difference between kiddy hackers breaking game protection, and breaking a cryptographically secure protocol.
What the kiddy hackers do is try to unravel layers of security through obscurity. With the kind of problem we're talking about, all the code is actually released into the public domain, available for inspection. The security resides in things like the difficulty of inverting complex 1:1 hash functions which were modified by a secret key, or of factoring the products of large primes, which has been shown to be beyond our best mathematicians, and these spotty little kids *ain't* our best mathematicians, by a long chalk.
G
Let me make a point here: I run an Amiga, and Amiga games do go to town on copy protection. They generally rip the OS out of memory, and install a custom one, do custom formats of the disk (as in the structure is normally unreadable) and have further hard protection such as laser holes, etc. This is not kids' stuff - this is serious, and these people are carcking it within hours. Let them loose on any program with their own hardware, and they are capable of doing some quite serious things to the rights of the author. MJH * * Mikolaj J. Habryn dichro@tartarus.uwa.edu.au * "Life begins at '040." PGP Public key available by finger * "Spaghetti code means job security!"
Mikolaj Habryn <dichro@tartarus.uwa.edu.au> writes:
Let me make a point here: I run an Amiga, and Amiga games do go to town on copy protection. They generally rip the OS out of memory, and install a custom one, do custom formats of the disk (as in the structure is normally unreadable) and have further hard protection such as laser holes, etc. This is not kids' stuff - this is serious, and these people are carcking it within hours. Let them loose on any program with their own hardware, and they are capable of doing some quite serious things to the rights of the author.
Graham's point is still valid here. cryptography is a matter of fairly complex mathematics - this is not a trivial thing to attack. I know from experience many ways of getting around the various forms of copy protection used on software, and most of it is just a matter of comparing a legitimate run with an illegitimate run. to oversimplify, there is often a point in a program that branches on a test condition and in many cases, all that needs to be done is to find these and change a a branch if equal instruction to branch if not equal, so that the program depends on *not* satisfying the parameters of the copy protection. likewise, on serialized software, it's often fairly easy to figure out the pattern and change the serial number without figuring out the way it's encrypted by the program. anyway, I digress, the purpose of this list is data encryption, not to teach people how to beak copy protection. the only potential harm that could be done by these people is to weaken the programs we use for encryption, but there is not much of a point to doing so. -- Mike Sherwood internet: mike@EGFABT.ORG uucp: ...!sgiblab!egfabt!mike
participants (3)
-
gtoal@an-teallach.com -
mike@EGFABT.ORG -
Mikolaj Habryn