1996-05-17 - Re: Securing CDROM from piracy

Header Data

From: Ed Carp <erc@dal1820.computek.net>
To: perry@piermont.com
Message Hash: f35299f09150964d6904f4d175b264cc0a96a363b1001f5cdbf6ddf28f1347fe
Message ID: <199605170845.EAA07610@dal1820.computek.net>
Reply To: <199605152256.SAA03246@jekyll.piermont.com>
UTC Datetime: 1996-05-17 23:57:04 UTC
Raw Date: Sat, 18 May 1996 07:57:04 +0800

Raw message

From: Ed Carp <erc@dal1820.computek.net>
Date: Sat, 18 May 1996 07:57:04 +0800
To: perry@piermont.com
Subject: Re: Securing CDROM from piracy
In-Reply-To: <199605152256.SAA03246@jekyll.piermont.com>
Message-ID: <199605170845.EAA07610@dal1820.computek.net>
MIME-Version: 1.0
Content-Type: text


> Vipul Ved Prakash writes:
> > We have developed a multimedia resource that will be cut on a CD-ROM for
> > retailling. Since we don't have our own distributers newtwork we will be
> > collobarating with another firm for distribution. Is there any way of making
> > sure that the guy doesnt pull a fast on on us? Can we ensure that he cannot 
> > duplicate the thing and start selling it without sharing the profit.
> 
> Since he can read the CD, he can duplicate it.
> 
> I will point out anyone buying a CD can do the same thing.
> 
> > Or alternatively is there any protocol we could follow that will
> > ensure a fair game?
> 
> I can't think of how...

This is the way I did something similar:

		puts("Enter your company name:");
		fgets(company, 80, stdin);
		puts("Please call 1-800-555-1212 for your encryption key:");
		puts("Enter it now:");
		fgets(supplied_key, 80, stdin);
		/* Compute a key based on what the user typed in */
		/* This is using md5 as an example */
		computed_key = md5(company);
		/* Now, compare it with what they typed in */
		if(strcmp(supplied_key, computed_key) != 0)
		{
			puts("Incorrect key!");
			exit(1);
		}
		...

As long as you keep the way you compute the key a secret, there's little 
chance that someone else could rip you off, since the key is 
implementation-dependent.
--
Ed Carp, N7EKG    			Ed.Carp@linux.org, ecarp@netcom.com
					214/993-3935 voicemail/digital pager
Finger ecarp@netcom.com for PGP 2.5 public key		an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul.  Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"

                    -- "Losing Your Mind", Karen Alexander and Rick Boyes

The mark of a good conspiracy theory is its untestability.
		    -- Andrew Spring





Thread