I need to calculate a machine id for computers running MacOS, but I don't know where to retrieve the informations - stuff like HDD serial numbers etc. The main requirement for my particular application is that the user mustn't be able to spoof it. Before you start laughing, I know that's far fetched, but at the very least, the spoofing method must require a reboot.
The best solution would be one in C/C++, but I'll take Objective-C if there's no other way. The über-best solution would not need root privileges.
Any ideas? Thanks.
Erik's suggestion of system_profiler (and its underlying, but undocumented SystemProfiler.framework) is your best hope. Your underlying requirement is not possible, and any solution without hardware support will be pretty quickly hackable. But you can build a reasonable level of obfuscation using system_profiler and/or SystemProfiler.framework.
I'm not sure your actual requirements here, but these posts may be useful:
Store an encryption key in Keychain while application installation process (this was related to network authentication, which sounds like your issue)
Obfuscating Cocoa (this was more around copy-protection, which may not be your issue)
I'll repeat here what I said in the first posting: It is not possible, period, not possible, to securely ensure that only your client can talk to your server. If that is your underlying requirement, it is not a solvable problem. I will expand that by saying it's not possible to construct your program such that people can't take out any check you put in, so if the goal is licensing, that also is not a completely solvable problem. The second post above discusses how to think about that problem, though, from a business rather than engineering point of view.
EDIT: Regarding your request to require a reboot, remember that Mac OS X has kernel extensions. By loading a kernel extension, it is always possible to modify how the system sees itself at runtime without a reboot. In principle, this would be a Mac rootkit, which is not fundamentally any more complex than a Linux rootkit. You need to carefully consider who your attacker is, but if your attackers include Mac kernel hackers (which is not an insignificant group), then even a reboot requirement is not plausible. This isn't to say that you can't make spoofing annoying for the majority of users. It's just always possible by a reasonably competent attacker. This is true on all modern OSes; there's nothing special here about Mac.
The tool /usr/sbin/system_profiler can provide you with a list of serial numbers for various hardware components. You might consider using those values as text to generate an md5 hash or something similar.
How about getting the MAC ID of a network card attached to a computer using ifconfig?
Related
I have a similar problem with this. How to program a simple CANopen layer .
I read the answers but I have to program a CANopen layer on my own I cannot get a commercial one. So are there any basics of writing a CANopen stack (or layer I'm not certain about the difference)? I don't know even where to start..
If it's required here's some information :
My master device is a beagle bone black with QNX. QNX has a generic CAN library I think but not specific to CANopen. And my slave is a militarized brushless motor controller. I'm writing in C++.
I have a documentation about the general requirements of my system.
There are 2 RPDOs and 4 TPDOs, transmission is synchronous, there is no stopped mode( so no heart-beat and node guarding) and all message informations are stated (size, format, related node IDs etc.)
There are actually at least 4 open source projects that implement CANopen:
CanFestival is the oldest and might be the most mature solution. License: LGPLv2.
CANopenNode is aimed at micro-controllers. License: GPLv2.
Lely CANopen is a library for implementing CANopen masters and slaves. License: Apache version 2.
openCANopen is a master that runs on Linux. License: ISC. Note: I am the author of this project.
I would have posted links, but apparently I don't have enough "reputation".
openCANopen also includes some utilities such as a daemon for forwarding traffic over TCP and a program that interprets and dumps CANopen traffic to standard output.
Lely CANopen is actually of pretty decent code quality and I might have used it if it'd been available when I started writing my own implementation. However, I have not tried using it, so I can't really say which implementation is "better". I can only say that they are different and one or the other may suit your needs better.
Now, I doubt that any of those implementations will work straight out of the box on QNX. They will either have to be adapted or you can copy individual parts of the code into your own implementations. At least that should save you some time.
The quick and dirty work-around is to only implement the bare minimum (just don't market it as CANopen or claim CANopen compliance):
Support for those specific RPDOs/TPDOs that the other node will send/expect to receive. Use fixed COBID (CAN identifiers). Forget about PDO mapping and PDO configuration, use fixed settings.
Implement a NMT bootup message.
Implement NMT state transitions between pre-operational and operational (your node needs to respond to these from the NMT master).
Implement some means to set the node id. Easiest might be to hard code it as a program constant.
If you are lucky, this is all that is needed. If you are unlucky, there will be SDO commmunication, meaning you will have to implement the SDO protcol and also the whole Object Dictionary. Otherwise, the above is fairly straight-forward and not that much work.
In case you need the Object Dictionary, then there might be no other way around getting a full-blown protocol stack. You'll also need to apply for a vendor id from CAN-in-Automation, but it's a one-time fee (no royalties).
I'm from Embedded Office and want to add my penny to your search, even if it's late. First I want to mention, the reason why we didn't put drivers into the canopen-stack repository is the complexity of embedded software development on multiple targets with multiple compilers and my goal to provide running software wherever possible. With just a library is hard to identify problems during usage.
The good news, I setup an environment to get the different targets and compilers managable by a single maintainer (me). So the canopen-stack is developped with LLVM on host machines, and a first demo is provided for STM32F7xx microcontrollers. More is coming, so stay tuned :-)
So I have next situation - shared file system, over N alike machines. My app is run on all of them. I need to understand on which machine my app runs in each instance - some unique ID... Is there such thing, is it possible to emulate it? Is there any crossplatform library that would help with that?
There are two concerns here, security and stability of your matching.
Hardware characteristics are a good place to start. Things like MAC address, CPU, hdd identifiers.
These things theoretically can change. If a hdd failed you probably would lose whatever configuration you had on the system as well. I could see a system that sent a hash of each characteristic separately work alright. If 4 out of 5 matched, you could probably guess that their network card caught on fire and it was replaced.
If you just need a head count, you may not even be interested that this new system with a different signature used to be another one.
Usually, people aren't too concerned with security with these systems; they just want to track resources on a network. If someone wanted to spoof the hardware identifiers they could. For simple cases, I would look into an installer that registered a salted identifier. If you really need something terribly secure you might start looking at commercial products (or ask another question about the security aspects specifically).
Both of these are error prone obviously. I'm not sure you should even fully automate it in those cases. Think about a case where network cards were behaving weird and you swapped them with another machine.
Human eyes are pretty good, let an administrator use them. At worst, they can probably figure things out with a quick email. Just give them enough information to make an informed decision when something does go wrong. Really, if you just log everything a human should be able to recreate the scenario and make a decision. Most of these things won't change daily. There is more work when hardware fails, not every day.
I am trying to create an executable that will only run on one machine. What is the easiest way to achieve this? A license file? Or is there a machine address much like the MAC for network connections I could hardcode into the executable?
If it will run on only one machine, then... simply secure the machine and only store the executable on this machine.
That's, unfortunately, about the only reliable method.
Longer answer:
bits can be copied
programs can be dissassembled
dissassembly can be reverse engineered (though it's sometimes long)
the cost of reverse engineering can be made higher than the value produced by the program, possibly at a higher cost that the value produced by the program.
If you look long enough at the software industry:
DRM: fail
Licenses: fail
Licenses with web activation: fail
If it's worth cracking, it'll get cracked.
The easiest way would be to make it illegal via licencing. Trying to enforce this technically is impossible, and only hurts your users (user?): What if they reinstall the OS, or change their network card, or upgrade their CPU?
There is no solution that is 100% effective, and there is no solution that is "easiest" and also "highly effective." There typically is a continuum of "effective" and "drives users crazy" that you need to be very careful about.
The MAC address is not a horrible place to start. It's not that difficult to change your MAC address, but if you have multiple instances of the same MAC on the same subnet, their machine won't work, so it's good for keeping many people on the same subnet from running your product without licenses. The problem with MAC is that on desktops, the MAC changes if the network card changes; that ticks off your paying users.
A license file is generally better than modifying the binary. You should sign the license file, however, so that it can't be easily modified.
Your application itself is always the weakest link. A dedicated attacker will just remove the test from your application. There is no universal solution to this problem. A good approach is always around "keeping honest people honest" by making it easy to license your application correctly, and easy for the user to determine if they've done so. You can easily spend huge amounts of money trying to annoy people who will never pay you anyway.
I think my answer to another question applies here.
This is a legal issue, not a technological issue. Your goal should be to make it easy for people who want make sure they have valid licenses to your software. Rather than securing your code against people who want to steal it, you should focus on helping customers that are worried about accidentally using it without a proper license.
I'll also repeat my comment from yet another question:
I think "keeping honest people honest" is the right mind set to
approach this problem. Nothing can be cryptographically secure, but
having some sort of unique key or number for each license can actually
make it easier for business customers to account for their software,
and that adds value to your product. Onerous DRM (that doesn't work)
aimed at thwarting criminals (who'd never pay anyway) is just an
obstacle to paying customers.
If you want to create only one copy of your executable file and if you have access to the machine on which you have to install the executable file, then it is okay to hardcode the MAC address into your executable file. In case you want to distribute more than one copies of your executable file and if you don't have access to all the machines, then you might code the executable file to demand a license file which is generated form the MAC address of the machines. It is a sort of software activation.
I know this is a big one. In fact, it may be used for some SO community wiki.
Anyways, I am running a website that DOES NOT use explicit authentication of users. It's public as in open to everybody. However, due to the nature of the service, some users need to be locked out due to misbehavior.
I am currently blocking IP addresses, but I am aware of the supposed fact that many people purposefully reset their DHCP client cache to have their ISP assign them new addresses. Is that a fact? I think it certainly is a lucrative possibility for some people who want to circumvent being denied access.
So IPs turn out to be a suboptimal way of dealing with this. But there is nothing else, is it?
MAC addresses don't survive on WAN (change from hop to hop?), and even if they did - these can also be spoofed, although I think less easily than IP renewal.
Cookies and even Flash cookies are out of the question, because there are tons of "tutorials" how to wipe these, and those intent on wreaking havoc on Internet are well aware and well equipped against such rudimentary measures I would employ.
Is there anything else to lean on? I was thinking heuristical profiling - collecting available data from client-side and forming some key with it, but have not gone as far as to implementing it - is it an option?
Due to the nature of the internet, this isn't practically possible. Yes, you can block specfic IPs, but as you've said, it's easy enough for the average "misbehaver" to simply change their IP. Even MAC addresses can be spoofed. This is why sites with these problems use authentication. It's the only real solution.
You are not going to be able to completely block a user who is determined to access your site. You can, however, make it difficult enough for them that it isn't worth their time.
As others have said, this is an impossible problem. Anyone determined enough can always find another way in. The canonical example of this problem is with Wikipedia, and you can read about the various blocking steps they take here: http://en.wikipedia.org/wiki/Blocking_policy
The simple answer is that this is impossible. As others (including yourself) have already said, anyone determined will find another way.
You can block IPs or use cookies, to deter the casual troublemaker. Someone who just wants to post rude words in blog comments will probably go elsewhere, but it won't scare off someone who wants to cause trouble on your site specifically,
If this misbehaviour is a serious problem for you, then I think your only recourse is to require authentication for any kind of access that could be subject to such abuse.
You can minimise the annoyance to your users by using OAuth, and accepting many different providers, much as SO does, rather than forcing all your users to sign up and memorise yet another set of login credentials.
I am writing a piece of software in C++ which is targeted at a market in which software is traditionally heavily cracked (or at least, attempted to be). I realise that nothing can be completely protected, however I feel that trying would be a good idea and also I think some of the specifics of the situation that I'm in might be helpful.
Firstly, it would not be annoying to the user that they must have an internet connection to use the software. I hate it when games etc. do this too, but the software requires an internet connection to function anyway due to its purpose, so this wouldn't hinder a normal user.
Secondly, it depends fairly heavily on external scripts written by me and/or supplied by third-parties, so I can have these stored on some website somewhere meaning that people who crack the software will have to also track down new copies of the scripts, which may annoy them into becoming legit.
Thirdly, new versions will, by definition due to what the app does, have to be released very often, weekly or every two weeks max. The program will obviously have an autoupdater, but since I am churning out (required to function) updates so often, any sort of key-based encryption or whatever could possibly have the keys/method change every update, and I am capable of breaking existing cracks when they do happen.
Does anyone know of any available solutions or techniques I could implement which fit the bill?
If you application is doing some sort of data processing or analysis, you can protect it by putting that part into a web service (maybe in a cloud) that your client application connects and authenticate to and then receive results from. So even if your client application is reversed engineered, it would be missing that important piece of processing.
If your application is web based, you get the same effect too.
I've previously used CrypKey successfully.
I'm going to guess that older copies of the software are far less useful than the latest copy.
If that's the case, then you already have a powerful anti-cracker technology in place: your update mechanism. When you become aware of a hacked version of your software, then you can immediately check for it, and cause trouble for users of the hacked software.