Uniqueness of SystemStats::getDeviceIdentifiers() for copy protection?


#1

Just looking into alternatives to using the MAC addresses for a copy protection system and noticed that SystemStats::getDeviceIdentifiers() uses system folder inodes first and then if that doesn’t work falls back on the MAC address. One concern is the uniqueness of these inodes and the thinking behind going for these first over the mac address.


#2

When it comes to mac addresses most NIC controllers are generated completely at random in the form of 6 octets thus the math is 2 to the power of 12 so you have more chance of winning the lottery than selling a product that has a mac collision between two machines.

In reality some vendors may fix some bits in the address for identification but it’s more than a safe bet MAC addresses will be unique. Think of it this way. Imagine a data centre is setting up a hosting company to supply VM’s, they may order 5000 servers and each one may have 4 NIC cards in all from the same vendor. Is this a concern, nope. So using MAC addresses for some audio software is going to be far less risky.


#3

#4

I like this approach but. I would be sceptical about purchasing from smaller businesses or indie devs that employ this method as people die go bust change careers e.t.c. they need to guruantee there services won’t change. From a dev point of view it seems like a typical exchange and very solid.

@t0m
Any plans on implementing ECC into the framework as an RSA successor?


#5

I wasn’t endorsing any of the methods in there, just linking it in as extra material.

What exactly are you skeptical about? I believe these approaches are to do a one-time (or at least infrequent, when you reinstall on the same machine for some reason) “activation” of a product.

No current plans I’m afraid; I can put it on the backlog but there’s no guarantee what will happen to the task.


#6

My skepticism is just that my computer will fail and a company / individual (more likely) must support a service for key exchange. If say I relied heavily on an indie devs plugin and they for whatever reason had to shut down there site. I may be left with a license to a product I can’t use. Suppose there’s always hacking the mac method.

Don’t like being beholden to a web service.

I am probably overthinking. there’s plenty of ECC libs so not a problem , just thought it maybe nice to have as it’s adoption rate is growing and all the benefits which I’m sure your aware.