Shop OBEX P1 Docs P2 Docs Learn Events
Copy Protection? — Parallax Forums

Copy Protection?

COlsenCOlsen Posts: 8
edited 2006-08-29 12:52 in Propeller 1
Ok, I searched the forum, and couldn't find anything on this topic.· Is there any way to prevent your code from being read and "Decompiled"? ·It looks like the code is stored externally in the flash memory, and then read·by the Propeller at boot up.· It would seem impossible to copy protect your code for commercial applications!
«1

Comments

  • Phil Pilgrim (PhiPi)Phil Pilgrim (PhiPi) Posts: 23,514
    edited 2006-06-26 03:46
    COlsen said...
    Is there any way to prevent your code from being read and "Decompiled"?
    No.

    -Phil
  • bambinobambino Posts: 789
    edited 2006-06-26 17:08
    I know this isn't what you wanted to know about, but it is a possible work-around for you.

    A process I came across when I needed to add structural integrity to a circuit I made was Gooping. As it turns out if someone tried to reverse engineer my product they would first have to do X-rays to determine where to probe for a serial line let alone not destroy the device in the process.(especially if a ground plane where laid directly above and below it.

    Gooping = is a non-conductive cement poured over a circuit that has been laid in a cast. (not extremly expensive either).

    I have an address somewhere if you need it!
  • Mike GreenMike Green Posts: 23,101
    edited 2006-06-26 17:31
    For production units, you would have to prevent access to the last 4 I/O pins and the EEPROM once the EEPROM has been programmed. This would prevent the IDE from being used which you would want to prevent since that could load a program into the Propellor that could read out the EEPROM.
  • Kaos KiddKaos Kidd Posts: 614
    edited 2006-06-26 18:07
    In all fairness:
    Where there is a will, there is a way. No way around it, if someone wants it, they can get it, if they try hard enough.
    You can make it hard, real hard, but in the end, with enough time, money and desire, it's a lost battle.
    PROM's, dongles, SW keys, encryption and mis-direction, all of which are what hackers strive to survive, can and will be broken.
    And hackers, both hard and soft, will take every means needed to ensure they will succeed.
    With the open nature of the propeller, is harder still to protect the investment.
    If the investment in the program is so valuable, where as others are wont to take it without paying for it your only options are:
    Make it hard to get into the hardware (like the Goop idea, which can and has been broken), and at the same time, make it cheap for someone to buy.
    If it's so cheap, it's much simplier for them to purchase then to burn time getting into it.
    Lastly, if the code does something super, make the code purchable. THis will defer all but the most stuborne hackers, and you will likely make more $$$.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Just tossing my two bits worth into the bit bucket


    KK
    ·
  • COlsenCOlsen Posts: 8
    edited 2006-06-26 18:55
    I guess using some combination of the techniques that all of you have suggested would be reasonably secure. It's actually more secure than publishing software on a CD where the binary image is readily available to anyone with a computer. I am a little surprised that Parallax didn't plan a little better for security. The security "fuse" has been a standard feature on embedded micros for many years now. With the executable stored externally to the chip, it does make security a different ballgame.

    In the end Kaos Kidd is right, given enough time and resources, anything can be broken. I learned this back in the 80's in high school. Software companies would spend all kinds of money on copy protection schemes, but there were an infinite number of teenagers with an equally infinite amount of spare time on their hands. It usually only took a couple of days before the games were hacked.

    Carl
  • bambinobambino Posts: 789
    edited 2006-06-26 19:10
    I totally agree with the Kaos Kidd on this subject.



    This message will self destruct in zzzzzzzzz!
  • Mike GreenMike Green Posts: 23,101
    edited 2006-06-26 19:13
    Chip and others have stated clearly in this forum that it was not an oversight that security was not built into the Propellor. They built some into the Stamp series and have more than enough experience with the issue.
  • bambinobambino Posts: 789
    edited 2006-06-26 19:28
    Mike,

    Could I get that URL from you, That is an interesting issue?
  • GadgetmanGadgetman Posts: 2,436
    edited 2006-06-26 21:49
    I believe there's a thread in the SX forum discussing the security of any program 'protected' by that fuse...
    Seems it's not that foolproof.

    If you want securiy, feel free to use Gooping, but remember that afterwards, the Propeller(well, the EEPROM connected to it) can no longer be updated, so you'll have to replace the entire unit if a bug is found that necessitates an upgrade.

    About software protection in general...

    In the earliy 90s, we got a lot of specialized software at the office, that needed a 'software key', usually a file in a specific location on the HDD. (It contained information on where it was placed, so any attempt to move it to another computer would invalidate it) To transfer the license we used a special license diskette, with a program to read the file, update the diskette and place/remove the file on the HDD.

    Unfortunately, particularly on our CAD machines we sometimes needed to run Norton Speedisk or similar tools...
    Or a HDD would Smile out and be replaced, with no way of getting the file off the HDD...
    Luckily, the worst of those programs was phased out by 1998(it wasn't windows compatible)
    Did I mention that the company was not very sympathetic to that, or to unreadable diskettes?

    As for the dongles connected to the Parallell port on PCs... They weren't much better, with the drivers often making it impossible to print... And the ones that was placed on a central server... AAARGH!
    (Having one was a pain in the posterior, having two was... usually a nightmare if they didn't come from the same third-party 'security' wendor)

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Don't visit my new website...
  • Cliff L. BiffleCliff L. Biffle Posts: 206
    edited 2006-06-28 04:52
    I've also distributed software protected by all sorts of elaborate copy-protection schemes, from tamper-resistant epoxied ICs to hardware dongles. It's amazing what people can crack these days.

    That said, if anyone needs a Propeller disassembler, drop me a line. smile.gif
  • cgraceycgracey Posts: 14,206
    edited 2006-06-28 07:13
    I thought of something yesterday that might be workable and would only amount to a resistor, a capacitor, and a few pins.

    A little background first: someone once told me about a system that our government had developed and·installed around the world (probably in the late 1980's)·that tracked ALL terrestrial radio communications. It did so by recognizing key-up signatures when transmitters were turned on. Say in some part of the world there were 1,000 identical walkie-talkies in use. Even though they may all be from the same manufacturer, they all have slight component differences due to manufacturing tolerances. Each walkie-talkie has a unique fingerprint in RF/Time. This system would identify all different transmitters, track them, and monitor their communications. I've wondered if it still works today when radio traffic has increased 1,000's of fold and perhaps millions of identical cell-phones are in confined areas. It seems like it's been outmoded and the monitoring would be much better done from within the cell-phone infrastructure.

    Anyway, every transistor within a Propeller chip varies slightly from all its (otherwise-) identical twins. Think about the I/O pads. They all have slightly different input·thresholds due to ever-undulating oxide thicknesses and dopant concentrations at fabrication time. No two are identical. Say you connected an I/O pin to a resistor, and that resistor to a cap to ground. Then you connected three other I/O pins to the resistor-capacitor junction. When you toggle the first pin up and down, the other three pins will see slightly different·toggle delays due to their threshold differences. You could use the CTRs to track these differences in 12.5ns increments. You could have your program profile the relative differences the first time it runs, store this data back to the EEPROM, and then check for these relative differences every time thereafter. You would have to do a little R&D to make sure that temperature and voltage extremes wouldn't break your profile. It might work just fine. The point is that if they tried to copy the EEPROM data and run it on another Propeller chip, it wouldn't work. For someone to figure out what was going on, they would have to reverse-engineer your program from the data in the EEPROM. This could be a very difficult thing to do, especially if they didn't even know what they were looking for. Perhaps some kinds of subtle tricks like this could be pulled, maybe even with phenomena that·are entirely internal to the chip.


    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔


    Chip Gracey
    Parallax, Inc.

    Post Edited (Chip Gracey (Parallax)) : 6/28/2006 7:23:56 AM GMT
  • Cliff L. BiffleCliff L. Biffle Posts: 206
    edited 2006-06-28 16:14
    Having dealt with code that used even more complex hardware protections (Palladium), the disabling process would go as follows.

    1. Extract code from EEPROM.
    2. Disassemble.
    3. Bypass with jumps.

    smile.gif
  • cgraceycgracey Posts: 14,206
    edited 2006-06-28 16:34
    You could make it much more difficult than that by intertwining application-requisite code with the protection checks. Also, this code (in assembly language) could be scrambled in sections of the EEPROM and it only gets unscrambled at run-time within COGs. So, you'd have to disassemble it and then simulate it to see it unfold, so that you could figure out where you'd need to put the bypasses. Then, you'd have to insert them and rescramble the code, minding any checksums, etc. I bet it could be made REALLY ugly for the person trying to hack it.
    Cliff L. Biffle said...
    Having dealt with code that used even more complex hardware protections (Palladium), the disabling process would go as follows.

    1. Extract code from EEPROM.
    2. Disassemble.
    3. Bypass with jumps.

    smile.gif

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔


    Chip Gracey
    Parallax, Inc.
  • Kaos KiddKaos Kidd Posts: 614
    edited 2006-06-28 17:08
    As Cliff has pointed out, because the data (your application) is in a "open state of storage" in the eeprom, this is the weakest point of the system, and thus is where the protection needs to be placed at. The propeller exposes a second threat: the ability to download directly to ram. With this capability, one could download a program directly into the propeller that would directly (and properly so) read and output the eeprom, therefor rendering all software and hardware systems moot.
    No matter how you protect the hardware, obscure the code, the bottom line is this: Once it's off the eeprom, it's simply a matter of time before it's broken.
    Sorry to say this, but securing the code in the propeller is highly unlikely.
    Locks don't keep criminals out, they keep honest people out; there's no such thing as an honest criminal.
    The best you can hope for is to make it REAL hard to get illegailly, AND real EASY legaly.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Just tossing my two bits worth into the bit bucket


    KK
    ·
  • Chris SavageChris Savage Parallax Engineering Posts: 14,406
    edited 2006-06-28 17:41
    Kaos Kidd said...(trimmed)
    The propeller exposes a second threat: the ability to download directly to ram. With this capability, one could download a program directly into the propeller that would directly (and properly so) read and output the eeprom, therefor rendering all software and hardware systems moot.
    No matter how you protect the hardware, obscure the code, the bottom line is this: Once it's off the eeprom, it's simply a matter of time before it's broken.
    KK,

    ·· Even doing this, Chip's last point is still valid...You would still be tasked with having to decompile and track all instances of protection woven through the code or it wouldn't run on target systems (If looking for the profile)...In many cases it simply wouldn't be worth it (time-wise).

    ·· In a system implementing the FTDI FT232R chips, you could easily make use of Chip's idea to utilize the FTDIChip-ID feature where the FTDI chips have a unique number assigned.· The woven security code could periodically check for this ID and cease function when not found.· Again, not foolproof but they would have to work for it.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Chris Savage
    Parallax Tech Support
    csavage@parallax.com
  • Kaos KiddKaos Kidd Posts: 614
    edited 2006-06-28 18:00
    All the points here are valid.
    It's the resulting mix [noparse][[/noparse]of methods used], and the determination of the devloper that's going to determin how hard it's going to be to get the data.
    The harder the better. Mixing hardware and software, in a "ballanced" form, coded not to use too much of the propellers resources, is going to be the only way.
    Just remember, what ever we discuss here, someone will be reading to find out how it's done, thus mooting the entire discussion!

    I'm really enjoying this conversation. It brings back the happy years of hacking C64 and Tandy games [noparse]:)[/noparse]
    I do have ideas on how to secure the data, but at the end, it's still able to be cracked.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Just tossing my two bits worth into the bit bucket


    KK
    ·
  • Mike GreenMike Green Posts: 23,101
    edited 2006-06-28 20:12
    One thing not mentioned yet is that often the costs of (illegally) duplicating a system are not in the code. Particularly with microcontrollers, there are associated hardware costs and, sure, hardware can easily be duplicated as well. Harder to duplicate is the support services. If you're making a commodity device to be produced cheaply with little support, you're not likely to be able to protect it at all and the best "protection" is to improve the product and support it. You can protect it with trademarks that are (expensively) defensible in court and through customs. If you embed patterns in code or PC layouts that are unique, you can demonstrate that something is a "knockoff" and legally go after the copiers. It's all a matter of cost, advantages/disadvantages in cheating and what the customer gets for his/her money.
  • HarborHarbor Posts: 73
    edited 2006-06-28 20:49
    Chip Gracey (Parallax) said...

    [noparse][[/noparse]...] someone once told me about a system that our government had developed and·installed around the world (probably in the late 1980's)·that tracked ALL terrestrial radio communications. It did so by recognizing key-up signatures when transmitters were turned on.

    That's a fine example of an urban myth, Chip. A grain of truth around which troubadours weave a fascinating -- and useful -- tale, but one that is spun·from silence. We certainly can recognize a transmitter from its characteristics, and we·definitely listen. To some transmitters in some areas. After that,·what actually happens·gets classified into some tightly held compartments, but that unclassified kernel of truth is·about where the resemblance to the myth ends.

    Everything in the tale after that is a cautionary fable playing on our natural paranoia of eavesdroppers with government level resources. A good attitude to have, but not to overdo.

    Your point is correct however. If you really must copy protect something, those characteristics outside the intended signal content are an excellent place to start, and they are exceptionally difficult to mimic, almost to the point of a practical impossibility.

    Harbor - an old crow
  • Phil Pilgrim (PhiPi)Phil Pilgrim (PhiPi) Posts: 23,514
    edited 2006-06-28 21:18
    Judging by some of the postings here, what I have to say will probably be antithetical to many. But I feel that the openness enforced by the Propeller's design is a good thing. True software protection in a product using the Propeller is impossible. Obfuscation, as discussed here, is an option but offers scant security against a determined attacker, so why bother? Therefore I think it's more appropriate to celebrate the open software model the Propeller encourages, rather than try to subvert its intent with old-school notions of intellectual "property" and trade secrets. The real value in any equipment design lies in its utility, economy, and customer support. If these can be amply provided, no amount of copying will diminish its value in the marketplace. Those who resort to such tactics are likely less concerned with longterm success than making a quick buck anyway. The very success of Parallax among its many imitators is testament to that fact.

    Nonetheless, idealism can collide with reality, and some form of protection agains the real scumbags is often called for. So along these lines I would recommend a copyright accompanied by the GPL (general public license). By publishing the source code in this way, you at least drive a stake in the ground, hopefully preventing others from co-opting your work — by whatever means — and claiming it as their own.

    It's a big market that will only grow bigger by the free exchange of ideas. Sure, like anyone in this business, I've written firmware that's protected. But I'm willing to give this more open business model a good run for the money. And I'm betting it will work out to my advantage in the long run.

    -Phil
  • BeanBean Posts: 8,129
    edited 2006-06-29 01:50
    In my mind it seems the problem is that you can just copy the EEPROM and run the code on another propeller chip.
    So a scheme is needed to make the PROPELLER chip unique. I wonder if you could purposely destroy the driver for one (or more) pins, (for example tie the pin high without a resistor then program the propeller to make the pin low). Then if you could somehow test for this mal-function in the code (in a non-obvious way). I think that would work.

    The "scumbag" (to use Phil's term) could copy the EEPROM, but the code wouldn't work on a properly functioning propeller chip.

    Just an idea...

    Bean.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Cheap 4-digit LED display with driver IC·www.hc4led.com

    Low power SD Data Logger www.sddatalogger.com

    "I reject my reality, and substitute yours." NOT Mythbusters
    ·
  • Kevin WoodKevin Wood Posts: 1,266
    edited 2006-06-29 03:04
    What was reason for not offering copy protection in the first place? Why not just give the next generation of chips the option?
  • Beau SchwabeBeau Schwabe Posts: 6,568
    edited 2006-06-29 04:46
    Bean,

    You are still faced with the same scenario... If you can "fuse blow" your Propeller pins why couldn't the would be hacker do the same thing?

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Beau Schwabe

    IC Layout Engineer
    Parallax, Inc.
  • BeanBean Posts: 8,129
    edited 2006-06-29 11:33
    After to "fuse blow" the pin, connect it to some non-functioning componets. I think it would be very difficult to look at code and tell "Oh, I see he is looking for a pin that won't pull low".
    I mean how would he know that's what you did ? With self-modifying code you could get very sneaky about detecting the fault.
    It's just a thought, but that's how I would go about it, if I wanted to protect a device.
    Bean.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Cheap 4-digit LED display with driver IC·www.hc4led.com

    Low power SD Data Logger www.sddatalogger.com

    "I reject my reality, and substitute yours." NOT Mythbusters
    ·
  • Kaos KiddKaos Kidd Posts: 614
    edited 2006-06-29 13:27
    I agree with Phil on the entire subject matter.
    Open Source with GPL is the only way to truly create a product that will endure the hard/software cycles of growth and expansion.
    If your product is of such immence value, it can only grow using open source and GPL.
    Just trademark or copyright the "method of how you do it" to protect you from the real schmum bags.
    The whole idea of Open source is someone might have a better way of doing somthing you are doing, and thus can impliment and improve on it.

    Bean: LOL @ your sig line...

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Just tossing my two bits worth into the bit bucket


    KK
    ·
  • bambinobambino Posts: 789
    edited 2006-06-29 15:19
    A point·that should be elaborated on!

    The device that I am rebuilding the electronics for is already patented. The guy that owns it(boss) looks at it this way. Don't go out of the way to make it super secure. He feels, as mentioned earlier,·thieves are·only going to make some quick cash and if they get caught he stands to make more on the deal than the sale of the product!

    Just don't let them make a better product!!!!!!!!!!!!!!smurf.gif
  • BeanBean Posts: 8,129
    edited 2006-06-30 02:37
    I agree that in some cases "open source" is a good thing.

    But I'm sure Parallax would NEVER let the PIC firmware for the Basic Stamps to be so easily read from a BS2.

    Have you ever tried to get money out of someone using your code ?

    Damn near impossible. And what if he is not in the USA ? Even if he is, you will spend so much money on lawyers. And the courts still don't look at piracy as "stealing" (unless someone wants to make an example of them).

    And if someone is stealing your code and selling it, chances are he doesn't have a ton of money.

    From being in the retail software business, I can tell you that you will never protect your IP from someone really determined to steal it, but you can protect it from the casual pirate. 99% of the program coping we saw was the old "you like this game, here let me make a copy for ya". Very rarely was it someone trying to make a profit from copying.

    I would dare say, that the propeller MAY be excluding itself from production products if there is no way to protect the firmware.

    Just my opinion...

    Bean.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Cheap 4-digit LED display with driver IC·www.hc4led.com

    Low power SD Data Logger www.sddatalogger.com

    "I reject my reality, and substitute yours." NOT Mythbusters
    ·
  • Ken GraceyKen Gracey Posts: 7,395
    edited 2006-06-30 02:44
    I believe that the most important security you have against bad guys is being able to get the product designed first, supported properly and sold as well as possible. This excludes copycats from making the same product except those who simply want to undercut the price. After all, a clone product is working from the same bill of materials, and a cost reduction could only be possible with much higher volume. And that's not very likely for a new product.

    One of the reasons the BASIC Stamp continues to prosper is because the product was properly designed and well-supported.

    Ken Gracey
    Parallax, Inc.
  • HarborHarbor Posts: 73
    edited 2006-06-30 03:58
    Ken Gracey said...

    One of the reasons the BASIC Stamp continues to prosper is because the product was properly designed and well-supported.
    Bingo. The least prosperous software producers have been those most obsessed with copy protection. That isn't a random correlation.
  • Kaos KiddKaos Kidd Posts: 614
    edited 2006-06-30 13:22
    Ken: Good point.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Just tossing my two bits worth into the bit bucket


    KK
    ·
  • Paul BakerPaul Baker Posts: 6,351
    edited 2006-07-05 01:59
    Harbor said...

    Harbor - an old crow

    Harbor, you really an old crow? You sound as though you are. I use to ride past the old crow building at the Braddock Metro stop, and didn't find out what it was until recently. It would quite be interesting to sit in on one of your gatherings, though I know thats not likely.

    ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
    Life is one giant teacup ride.
Sign In or Register to comment.