Misplaced Pages

Software protection dongle: Difference between revisions

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Browse history interactively← Previous editNext edit →Content deleted Content addedVisualWikitext
Revision as of 19:15, 14 February 2004 editDavid Gerard (talk | contribs)Edit filter managers, Administrators213,085 edits take redundancy out of intro (see talk page); other tweaks← Previous edit Revision as of 19:44, 14 February 2004 edit undoDavid Gerard (talk | contribs)Edit filter managers, Administrators213,085 edits tweak problems section; remove "bongle" (see talk)Next edit →
Line 1: Line 1:
A '''dongle''' is a small hardware device that connects to a ] and acts as an authentication key for a particular piece of software. When the dongle is present, the software will run properly; when it is not, the program will run in a restricted mode or refuse to start. Dongles are used by some ] vendors as a form of ] or ] because it is much harder to copy the dongle than to copy the software it authenticates. A '''dongle''' is a small hardware device that connects to a ] and acts as an authentication key for a particular piece of software. When the dongle is present, the software will run properly; when it is not, the program will run in a restricted mode or refuse to start. Dongles are used by some ] vendors as a form of ] or ] because it is much harder to copy the dongle than to copy the software it authenticates.


('''Dongle''' also refers to an ] jack attached via a wire to a small edge connector, which is used to connect an ] cable to a ] ], into which the edge connector plugs. This type of dongle has no copy protection purpose. These are falling out of favour as ]s tend more to include a built-in RJ-45 socket.) ('''Dongle''' also refers to an ] jack attached via a wire to a small edge connector, which is used to connect an ] cable to a ] ], into which the edge connector plugs. This type of dongle has no copy protection purpose. These are falling out of favour as more ]s include a built-in RJ-45 socket.)


Dongles are typically used with very expensive packages and ] software, such as ]/] software, ] applications and some ] packages. Efforts to introduce dongle-protected software packages in the mainstream software market have met with stiff resistance from users. Dongles are typically used with very expensive packages and ] software, such as ]/] software, ] applications and some ] packages. Efforts to introduce dongle protection in the mainstream software market have met with stiff resistance from users.


==History== ==History==
Line 9: Line 9:
Dongles became common in the ] and into the ]. Originally taking the form of simple passive devices that connected a ] in a predetermined manner, they rapidly evolved into active devices that contained a serial transceiver (]) and even a ] to handle transactions with the host. Later versions adopted the ] interface in preference to the serial interface. Dongles became common in the ] and into the ]. Originally taking the form of simple passive devices that connected a ] in a predetermined manner, they rapidly evolved into active devices that contained a serial transceiver (]) and even a ] to handle transactions with the host. Later versions adopted the ] interface in preference to the serial interface.


Modern dongles include built-in strong ], and special fabrication techniques designed to thwart ]. Typical dongles also now contain a reasonable amount of non-volatile memory — key parts of the software may be actually stored on the dongle. Modern dongles include built-in strong ] and special fabrication techniques designed to thwart ]. Typical dongles also now contain a reasonable amount of non-volatile memory — key parts of the software may be actually stored on the dongle.


==Problems with dongles== ==Problems with dongles==


The major problem with dongles is that they tie up a port on the host machine. This has been ameliorated to some extent by the adoption of USB, but is still a serious drawback. To get around this, most practical dongles include a replacement port, so as to become an inline device. A related problem is the machine which is running more than one piece of dongle-protected software. Manufacturers claim that multiple dongles can be successfully stacked or daisy-chained, but operational problems with stacked dongles are common in practice. There is also the obvious problem of losing the dongle, rendering the protected software useless. Also, if more than one application is protected in this manner, the number of dongles becomes physically problematic. Dongles tie up a port on the host machine. This has been ameliorated to some extent by the adoption of USB, but is still a serious drawback. To get around this, most practical dongles include a replacement port, so as to become an inline device.


A related problem is running more than one piece of dongle-protected software. Manufacturers claim that multiple dongles can be successfully stacked or daisy-chained, but operational problems with stacked dongles are common in practice. The number of dongles can also become physically problematic.
There is also a potential weakness in the implementation of the ] between the dongle and the protected software — it requires considerable design cunning to implement this in a fashion that is not easy to ]. For example, a naive implementation might simply define a ] that checks for the dongle, returning true or false accordingly. This reduces all of the protection, however sophisticated, to a single ] value at one point in the program, so cracking the protection requires only the identification and manipulation of that single bit.

There is also the potential for weaknesses in the implementation of the ] between the dongle and the protected software. It requires considerable cunning to implement this in a fashion that is not easy to ]. For example, naïve implementations might simply define a ] to check for the dongle, returning "true" or "false" accordingly, reducing the protection to a single ] value at one point in the program.

There is also the obvious problem of losing the dongle, rendering the protected software useless.


==Origin of the word "dongle"== ==Origin of the word "dongle"==
Line 22: Line 26:


Vendors of dongles and dongle-protected software often use more dignified terms such as "hardware key" or "security device" in their written literature. Outside of such literature, "dongle" is the usual term for the device (and is used even by dongle vendors in informal parlance). Vendors of dongles and dongle-protected software often use more dignified terms such as "hardware key" or "security device" in their written literature. Outside of such literature, "dongle" is the usual term for the device (and is used even by dongle vendors in informal parlance).

"Bongle" is the name of a ] variety of Dongle.

Revision as of 19:44, 14 February 2004

A dongle is a small hardware device that connects to a computer and acts as an authentication key for a particular piece of software. When the dongle is present, the software will run properly; when it is not, the program will run in a restricted mode or refuse to start. Dongles are used by some proprietary vendors as a form of copy protection or digital rights management because it is much harder to copy the dongle than to copy the software it authenticates.

(Dongle also refers to an RJ-45 jack attached via a wire to a small edge connector, which is used to connect an Ethernet cable to a PCMCIA network card, into which the edge connector plugs. This type of dongle has no copy protection purpose. These are falling out of favour as more laptops include a built-in RJ-45 socket.)

Dongles are typically used with very expensive packages and vertical market software, such as CAD/CAM software, Digital Audio Workstation applications and some translation memory packages. Efforts to introduce dongle protection in the mainstream software market have met with stiff resistance from users.

History

Dongles became common in the 1980s and into the 1990s. Originally taking the form of simple passive devices that connected a parallel port in a predetermined manner, they rapidly evolved into active devices that contained a serial transceiver (UART) and even a microprocessor to handle transactions with the host. Later versions adopted the USB interface in preference to the serial interface.

Modern dongles include built-in strong encryption and special fabrication techniques designed to thwart reverse engineering. Typical dongles also now contain a reasonable amount of non-volatile memory — key parts of the software may be actually stored on the dongle.

Problems with dongles

Dongles tie up a port on the host machine. This has been ameliorated to some extent by the adoption of USB, but is still a serious drawback. To get around this, most practical dongles include a replacement port, so as to become an inline device.

A related problem is running more than one piece of dongle-protected software. Manufacturers claim that multiple dongles can be successfully stacked or daisy-chained, but operational problems with stacked dongles are common in practice. The number of dongles can also become physically problematic.

There is also the potential for weaknesses in the implementation of the protocol between the dongle and the protected software. It requires considerable cunning to implement this in a fashion that is not easy to crack. For example, naïve implementations might simply define a function to check for the dongle, returning "true" or "false" accordingly, reducing the protection to a single bit value at one point in the program.

There is also the obvious problem of losing the dongle, rendering the protected software useless.

Origin of the word "dongle"

The word "dongle," as a word for something unnamed (akin to "doodad" or "whatchamacallit") has been used since the 1970s. Its origin is unknown. The American Heritage Dictionary, 4th edition, says it is "probably arbitrary coinage." Assertions that it was derived from the name "Don Gall" are an urban myth popularized by an advertising copywriter; see Eric S. Raymond's Jargon File.

Vendors of dongles and dongle-protected software often use more dignified terms such as "hardware key" or "security device" in their written literature. Outside of such literature, "dongle" is the usual term for the device (and is used even by dongle vendors in informal parlance).