EnderAndrew Posted July 12, 2005 Posted July 12, 2005 Maybe I didn't describe it well, but that article doesn't contradict what I was saying. Obscurity comes into play that you are counting on the fact that people won't know the crucial info to get into your system. You don't intentionally leave vulnerabilities, you just operate on the predication that people won't know how to get in. You try to make it so that instead of the common security issues most people have, your security vulnerabilities are less obvious. Security through obscurity is often a means of those on a microbudget, and antiquated technology is still a common method of employing security through obscurity. Old technology often has fewer vulnerabilities as the system is quite simple. The vulnerabilities that do exist are not necessarily as well known, since it's a few generations back and most hackers are young, and versed on cutting edge exploits. You are suggesting security through obscurity means to not lock your door, where as modern security is to buy the latest and greatest lock. My suggested metaphor is to use an older lock that people may no longer know how to pick. The article suggested using a lock, but leaving a key under the welcome mat. I think it's a poor example.
metadigital Posted July 12, 2005 Posted July 12, 2005 The system does exist to an extent in the form of demos. You can sample the gameplay for free, and yet the software company doesn't have to worry about you pirating the full version of the game simply from a demo. I think the best way to combat piracy is to offer incentive to buy the full version, such as online play, or additional content for registered versions of the software. <{POST_SNAPBACK}> ... Or little blue teatowel maps. OBSCVRVM PER OBSCVRIVS ET IGNOTVM PER IGNOTIVS OPVS ARTIFICEM PROBAT
metadigital Posted July 12, 2005 Posted July 12, 2005 Maybe I didn't describe it well, but that article doesn't contradict what I was saying. Obscurity comes into play that you are counting on the fact that people won't know the crucial info to get into your system. You don't intentionally leave vulnerabilities, you just operate on the predication that people won't know how to get in. You try to make it so that instead of the common security issues most people have, your security vulnerabilities are less obvious. Security through obscurity is often a means of those on a microbudget, and antiquated technology is still a common method of employing security through obscurity. Old technology often has fewer vulnerabilities as the system is quite simple. The vulnerabilities that do exist are not necessarily as well known, since it's a few generations back and most hackers are young, and versed on cutting edge exploits. You are suggesting security through obscurity means to not lock your door, where as modern security is to buy the latest and greatest lock. My suggested metaphor is to use an older lock that people may no longer know how to pick. The article suggested using a lock, but leaving a key under the welcome mat. I think it's a poor example. <{POST_SNAPBACK}> I am not doubting your methods, but your terminology is slightly off. Security through obscurity is the (specious) idea that keeping quiet about the circumvention of a lock will keep it safe, in the vain hope that any cracker will not find it. I think you are delving into something like anachrocryptography (if I had to put a word to it). Definitely not Security by obscurity, at least not the established definition. (Who knows, maybe this is a homonymic definition addendum, as it relies on a different connotation of "obscurity" ...) I know you're trying to be the cool rebel here and "go along with the crowd"... But technicaly speaking, the reason it won't be is because of the multi-part encryption that SF 4 has going for it that other copy protection schemes do not. This is a factor whether you want to admit it, or not. It is also the real reason none of the "scene" groups have cracked it. They can front all they want about it not being worth it, or not having time to compete, blah, blah, blah. The fact is they couldn't do it because it is not a simple exec hack like most protection schemes are. The only known workaround for SF 4 involves the use of USB external drives. I know you're trying to be the obnoxious know-it-all here, as usual. But from what I've read, DT 4 will include SF emulation. So... yeah. There is no such thing as an unbeatable security system, and there will never be. Keep dreaming. <{POST_SNAPBACK}> I have to agree with Numbers. Even using an external device, like a dongle, will not prevent the anti-piracy code from working. There is a technique to enforce the programme is the same one was designed to be (I should know, I co-patented it: number 725098; anti-spoofing, encryption, obfuscating and message digest security software), but to my knowledge this has not been replicated. Consequently, wherever the checking algorithm is, it can be patched to return a green code, therefore circumventing the check. Even if that is in multiple places and multiple programmes. As for the whole notion of adding this level of complexity to an already tenuously balanced riot of competing drivers and applications inside the already over-taxed rudimentary OS, I think that is a large retrograde step. Bring back the teatowels. OBSCVRVM PER OBSCVRIVS ET IGNOTVM PER IGNOTIVS OPVS ARTIFICEM PROBAT
213374U Posted July 12, 2005 Posted July 12, 2005 Bring back the teatowels. Yup. - When he is best, he is a little worse than a man, and when he is worst, he is little better than a beast.
Musopticon? Posted July 12, 2005 Posted July 12, 2005 anachrocryptography I love that word. kirottu said: I was raised by polar bears. I had to fight against blood thirsty wolves and rabid penguins to get my food. Those who were too weak to survive were sent to Sweden. It has made me the man I am today. A man who craves furry hentai. So let us go and embrace the rustling smells of unseen worlds
Fionavar Posted July 12, 2005 Posted July 12, 2005 Sure smells like derailment ... The universe is change; your life is what our thoughts make it - Marcus Aurelius (161)
Recommended Posts