Author Topic: Altera Software Dongle Teardown  (Read 11805 times)

0 Members and 1 Guest are viewing this topic.

Online Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: Altera Software Dongle Teardown
« Reply #25 on: February 01, 2019, 10:31:31 am »
That is probably not even a real dongle but rather a modified USB disk drive!

Some companies, not wanting to spend real money on real dongles, resorted to USB drives...

To make them "unique" you can use for instance use setup tools to configure the microcontroller and create read only partitions or set the drive capacity to some odd number which would be difficult to obtain with a standard dongle.

While this is kind of "amateur hour" stuff, such a dongle costs probably around 1-2 Euro and is still quite effective. So it is understandable that a company goes that route.

The biggest risk of USB dongles, by the way, is that they are mistaken for USB disks and are stolen for that purpose!

The person stealing it thinks it is a USB memory and when it doesn't work as such, they think it is broken and that this was the reason it was left behind. For there the USB dongles goes to the trash...

We had many issues with schools for this reason, to a point where these dongles where actually stored inside the computer with a USB extension cable going from the external USB port inside the case.

Regards,
Vitor

Offline KaneTW

  • Frequent Contributor
  • **
  • Posts: 805
  • Country: de
Re: Altera Software Dongle Teardown
« Reply #26 on: February 01, 2019, 11:54:39 am »
It's a proper dongle. I've reverse engineered it a while back and it does some sort of crypto challenge/response and licensing stuff.
 

Online Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: Altera Software Dongle Teardown
« Reply #27 on: February 01, 2019, 11:58:03 am »
OK. My bad! :)

Bottom line is that these dongles are very cheap and thus have a good price/protection ratio, when compared to other protection methods based on HDD serial number, MAC address or obscure hidden files.
 

Offline amyk

  • Super Contributor
  • ***
  • Posts: 8240
Re: Altera Software Dongle Teardown
« Reply #28 on: February 01, 2019, 12:48:19 pm »
I wish I could find a crack for the Bernina embroidery software. My grandmother had the whole package, about $4k worth of software, after she passed away my other half got the machine but the dongle got lost somewhere in the handling of the estate so we have a fancy machine that is only useful as a sewing machine. I'm sure as hell not going to drop $2k on a new copy of something we already own just to have another stupid dongle that could get lost.
If it uses a standard dongle it's not hard to crack --- there are plenty of guides for all the common types mentioned in this thread already. Some software just does "if(!dongle)" checks, others use the unique info in them for some purpose, and the most difficult ones actually implement some code in the dongle and silently corrupt files/crash randomly if the checks don't all pass.

It's funny to see dongles for software that only works with an extremely expensive piece of hardware. In those scenarios, it should be more like "the machine is the dongle".
 

Offline joeqsmith

  • Super Contributor
  • ***
  • Posts: 11630
  • Country: us
Re: Altera Software Dongle Teardown
« Reply #29 on: February 01, 2019, 12:57:52 pm »
Finally you had the dongle emulators.

These worked roughly like this: a free tool would read out the dongle data. This sounds simple but really involved doing a brute force attack on the dongle to guess the provider and dongle ID. What is often forgotten is that new dongles would often break or malfunction after such a procedure.

If you read out the data successfully prior of breaking the dongle (much like the SIM extraction tools for SIM cards), you could send it to one of the crackers (or semi-legal companies - very popular in Germany, they used to place adds "Dongle-Ärger") and get the dongle emulator. I guess these dongle emulators ended up leaking for the general public.

I didn't have all this drama with the dongle shown.  It's nothing more than a few gates and an EEPROM.  I wrote my own tool to scan it and there is no concern of breaking the dongle by running it.   Also no need to send the data to some crackhead.   

Some of the earlier dongles would have counters in them with a little logic to store a unique code.   These again were fairly simple to replicate.  The one shown with the DIP switches works like this.   The switches select the outputs from the counter.  As new versions of this particular software would be released, they would have a new dongle which would decode different stages of the counter. 


Thanks for sharing!
Foundation packs and pistons in the shelf. That's an unusual combination.
I  have bad memories about the Foundation software pack. This stuff was bad.
It didn't calculate the resistance of the internal paths correctly, so when I had like 5 cells driven by another cell across the entire chip I had to set and locate a buffer manually.
Otherwise the data would not make it. Back then I used the XC5200.
It was the first software that did  not cost an arm an a leg. For the real stuff like Synopsys or Synplicity they demanded your soul.
Remember what happened when Aldec got in a pissing match with Xilinx?   They were bundling it with the tools.  Seems like Xilinx was trying to support customers with older designs by supplying them with older copies of the tools, which included Aldec.   The old story of the dog that bit the hand than fed him.    We used the Alliance tools with Synplify.   That was a fairly expensive bit of software. 


Online Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: Altera Software Dongle Teardown
« Reply #30 on: February 01, 2019, 01:00:25 pm »
"It's funny to see dongles for software that only works with an extremely expensive piece of hardware. In those scenarios, it should be more like "the machine is the dongle"."

I wondered about this myself, but there are a few arguments to do so:

1) Often a software has COST OPTIONS, so that you need some form of license file that needs to be checked against a dongle.
2) The computer running the software may not connected directly to the machine, but rather produce some NC programs that run on the machine.
3) You may have one machine but want to program/use it with more than one computer. Again this may be a cost option.
4) It is cheaper to use a dongle with a ready to use framework than to invest resources in implementing something on your own.
...

Regards,
Vitor

Online Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: Altera Software Dongle Teardown
« Reply #31 on: February 01, 2019, 01:04:47 pm »
I didn't have all this drama with the dongle shown.  It's nothing more than a few gates and an EEPROM.  I wrote my own tool to scan it and there is no concern of breaking the dongle by running it.   Also no need to send the data to some crackhead.   

This was not possible on the Sentinel SuperPro USB dongles. You needed to do a brute force attack, which could/would leave the dongle in a non-functional state. For many years I kept updated on all forms of cracks for the software we distribute and I tried it myself.

But yes, it did work with the emulator - but the physical dongle was messed up afterwards.

The bigger parallel port dongles are really old - I only worked with those from 1994 to around 1996. They were replaced by the shorter ones. I still have some around.

Regards,
Vitor

Offline joeqsmith

  • Super Contributor
  • ***
  • Posts: 11630
  • Country: us
Re: Altera Software Dongle Teardown
« Reply #32 on: February 01, 2019, 05:02:48 pm »
I didn't have all this drama with the dongle shown.  It's nothing more than a few gates and an EEPROM.  I wrote my own tool to scan it and there is no concern of breaking the dongle by running it.   Also no need to send the data to some crackhead.   

This was not possible on the Sentinel SuperPro USB dongles. You needed to do a brute force attack, which could/would leave the dongle in a non-functional state. For many years I kept updated on all forms of cracks for the software we distribute and I tried it myself.

But yes, it did work with the emulator - but the physical dongle was messed up afterwards.

The bigger parallel port dongles are really old - I only worked with those from 1994 to around 1996. They were replaced by the shorter ones. I still have some around.

Regards,
Vitor
I was only commenting on the dongle shown in the video.   

Was your company distributing stolen software?  I had a license for the dongles I replaced.  The problem I would run into back then was I used that printer port for my portable disk drives, programmers and other..  The dongles were stacked 3 deep with anther peripheral and I became tired of the nonsense.  A simple fix with a few gates. 

I wrote the reader after I had upgraded Altera with which they supplied me with a new dongle.  Tired of reading the EEPROM with the programmer, it was easier just to read it with software and store the file. 

We still use the Globetrotter FLEXLM but I think the last dongle I saw was for the Mentor tools or when they were still owned by Innoveda.   That's been several years ago. 

Online Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: Altera Software Dongle Teardown
« Reply #33 on: February 01, 2019, 05:08:21 pm »
Of course we were not dealing with stolen software! I find that an offensive question, actually.

We are software distributors and as such I have always kept an eye on what cracks were available for the software we were selling, in order to help development fix the weak spots and to easily identify cracked software in the companies I visited.

And before someone raises a red flag - we never went to the authorities. All illegal use of that software was always settled in a rather friendly and constructive way.

Regards,
vitor

Offline rsjsouza

  • Super Contributor
  • ***
  • Posts: 5980
  • Country: us
  • Eternally curious
    • Vbe - vídeo blog eletrônico
Re: Altera Software Dongle Teardown
« Reply #34 on: February 01, 2019, 05:09:36 pm »
We still use the Globetrotter FLEXLM but I think the last dongle I saw was for the Mentor tools or when they were still owned by Innoveda.   That's been several years ago.
I am so glad we went license free a few years ago; having to support FlexLM and their license servers was a royal pain with very minimal gain.  :phew:
Vbe - vídeo blog eletrônico http://videos.vbeletronico.com

Oh, the "whys" of the datasheets... The information is there not to be an axiomatic truth, but instead each speck of data must be slowly inhaled while carefully performing a deep search inside oneself to find the true metaphysical sense...
 

Offline joeqsmith

  • Super Contributor
  • ***
  • Posts: 11630
  • Country: us
Re: Altera Software Dongle Teardown
« Reply #35 on: February 02, 2019, 06:15:07 pm »
Of course we were not dealing with stolen software! I find that an offensive question, actually.

We are software distributors and as such I have always kept an eye on what cracks were available for the software we were selling, in order to help development fix the weak spots and to easily identify cracked software in the companies I visited.

And before someone raises a red flag - we never went to the authorities. All illegal use of that software was always settled in a rather friendly and constructive way.

Regards,
vitor

I can't help that you take offense to my questions or comments.  Ignore me if you like.   Your company distributes software and you  attempt to crack it to help the suppliers fix their weak spots???  That has to be the oddest thing I have heard in a while.  It seems your company woudl be in direct violation of the license agreements. 

Is this some service that your company is charging the suppliers for or is the idea that your company is loosing sales to thieves and you feel you can limit that?    As I said, this is really odd to me and I would like to understand more about it.

Online Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: Altera Software Dongle Teardown
« Reply #36 on: February 02, 2019, 07:25:02 pm »
I can't help that you take offense to my questions or comments.  Ignore me if you like.   Your company distributes software and you  attempt to crack it to help the suppliers fix their weak spots???  That has to be the oddest thing I have heard in a while.  It seems your company woudl be in direct violation of the license agreements. 

Is this some service that your company is charging the suppliers for or is the idea that your company is loosing sales to thieves and you feel you can limit that?    As I said, this is really odd to me and I would like to understand more about it.

The rudeness of your comments comes from your assumtion of me or my company practicing any illegal activity. And yet in this new post of yours, you keep implying that once again.

Where did I say that I was cracking the software we are distributing?

On the other hand, you claimed: "I wrote the reader after I had upgraded Altera with which they supplied me with a new dongle.  Tired of reading the EEPROM with the programmer, it was easier just to read it with software and store the file.  "

That certainly is/was an illegal thing to do, especially if you were located in the US, since reverse-engineering and/or extracting key data out of the dongle is against your laws. Additionally it was for sure a direct violation of the license agreements. Also, it seems an odd thing to do in a company, that purchased a legal license. You could have simply used and extension cable to move the dongles to a more suitable location. Just saying...

Anyway, to answer your questions:

- Yes, we suffered from pirated software back then - not so much nowadays.
- I regularily googled for cracks for our software or they were provided to me by some customers (who suffered from other companies using cracked software and thus being able to offer cheaper prices) and tried to see how these cracks worked (bypassing FlexLM, dongle checks, etc.). Again, I basically just read the instructions (Readme.txt) and/or installed them on a virtual machine.
- I then sent those cracks and findings to the mother company for development to fix the cracks.
- Software got better protected, which was good for us.
- As a side effect I would be quickly able to identify illegal use of our software at companies (i.e. when 1 license was purchased but several instances being used). This would help discussing the situation with the customer and negotiate a friendly deal to get them onto the legal side.
- No we were not paid for this "service".
- The mother company did not do this work themselfes, because they were not aware of the amount of cracks and illegal use of their software at that time - they did not sell the licenses to the end user.

Does this clarify your doubts?

Regards,
Vitor

Offline joeqsmith

  • Super Contributor
  • ***
  • Posts: 11630
  • Country: us
Re: Altera Software Dongle Teardown
« Reply #37 on: February 02, 2019, 07:55:01 pm »
I can't help that you take offense to my questions or comments.  Ignore me if you like.   Your company distributes software and you  attempt to crack it to help the suppliers fix their weak spots???  That has to be the oddest thing I have heard in a while.  It seems your company woudl be in direct violation of the license agreements. 

Is this some service that your company is charging the suppliers for or is the idea that your company is loosing sales to thieves and you feel you can limit that?    As I said, this is really odd to me and I would like to understand more about it.

The rudeness of your comments comes from your assumtion of me or my company practicing any illegal activity. And yet in this new post of yours, you keep implying that once again.

Where did I say that I was cracking the software we are distributing?

On the other hand, you claimed: "I wrote the reader after I had upgraded Altera with which they supplied me with a new dongle.  Tired of reading the EEPROM with the programmer, it was easier just to read it with software and store the file.  "

That certainly is/was an illegal thing to do, especially if you were located in the US, since reverse-engineering and/or extracting key data out of the dongle is against your laws. Additionally it was for sure a direct violation of the license agreements. Also, it seems an odd thing to do in a company, that purchased a legal license. You could have simply used and extension cable to move the dongles to a more suitable location. Just saying...

Anyway, to answer your questions:

- Yes, we suffered from pirated software back then - not so much nowadays.
- I regularily googled for cracks for our software or they were provided to me by some customers (who suffered from other companies using cracked software and thus being able to offer cheaper prices) and tried to see how these cracks worked (bypassing FlexLM, dongle checks, etc.). Again, I basically just read the instructions (Readme.txt) and/or installed them on a virtual machine.
- I then sent those cracks and findings to the mother company for development to fix the cracks.
- Software got better protected, which was good for us.
- As a side effect I would be quickly able to identify illegal use of our software at companies (i.e. when 1 license was purchased but several instances being used). This would help discussing the situation with the customer and negotiate a friendly deal to get them onto the legal side.
- No we were not paid for this "service".
- The mother company did not do this work themselfes, because they were not aware of the amount of cracks and illegal use of their software at that time - they did not sell the licenses to the end user.

Does this clarify your doubts?

Regards,
Vitor

Odd you feel my questions are rude and that I have doubts.  Again, feel free to ignore them if they cause you too much distress.   

I most certainly violated the license agreement with Altera.  I would never dispute that or would I take offense to it.  It's a fact and you won't see any drama coming from me about it.   The dongles and other peripherals I mentions were not causing a mechanical issue.   I was running into signal integrity problems, not that it matters. 

So you were running these cracks in a virtual machine and trying them on the software you distributed?   It sounds like from your "mother company" comment that your company was a little more than just a distributor. 

Online Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: Altera Software Dongle Teardown
« Reply #38 on: February 02, 2019, 08:47:39 pm »
So what? I won't detail our company's ownership history here. It adds nothing to this topic. If you are interested in becomimg a shareholder, send me a PM!  :)

Anyway, I just wanted to share a bit dongles in this thread.

We don't use them anymore, except for one current product.

Software is nowadays mostly protected through the internet.

Honestly I think the dongles were more user friendly than modern Cloud/online protection. You could use whatever computer you wanted and just had to pop in the dongle. No activation required...

Regards,
Vitor

Offline james_s

  • Super Contributor
  • ***
  • Posts: 21611
  • Country: us
Re: Altera Software Dongle Teardown
« Reply #39 on: February 02, 2019, 10:53:39 pm »
It's true that the dongles were better than the whole cloud thing, especially subscription. I have a policy that I don't rent software, that is absolutely non-negotiable. Thankfully the selection of open source software continues to expand and improve.
 

Offline joeqsmith

  • Super Contributor
  • ***
  • Posts: 11630
  • Country: us
Re: Altera Software Dongle Teardown
« Reply #40 on: February 02, 2019, 11:29:57 pm »
So what? I won't detail our company's ownership history here. It adds nothing to this topic. If you are interested in becomimg a shareholder, send me a PM!  :)

Anyway, I just wanted to share a bit dongles in this thread.

We don't use them anymore, except for one current product.

Software is nowadays mostly protected through the internet.

Honestly I think the dongles were more user friendly than modern Cloud/online protection. You could use whatever computer you wanted and just had to pop in the dongle. No activation required...

Regards,
Vitor

Sorry but I am not interested in becoming a shareholder to help fund software cracking research.  As I wrote, it makes little sense to me personally and worse from an investment.     

I am not aware of any of the tools (Altera or Xilinx) moving to a cloud based license.  Hopefully they will keep it that way.     

Offline Doctorandus_P

  • Super Contributor
  • ***
  • Posts: 3321
  • Country: nl
Re: Altera Software Dongle Teardown
« Reply #41 on: February 03, 2019, 08:14:17 am »
So you start with a video of a teardown, open the thing, then you laugh at the rubbed off part numbers, yet immediately back away and start rambling about random guesses.
I stopped the video right there, because the chances of even attempt of for example sniffing an I2C bus would be slim.

To me this shows how effective this rubbing of off part numbers is.
Why don't you just reverse-engineer the silly thing and make a video out of it.
How much time does it take to reverse engineer such a silly device, how do you do it? Do some measurements with those 30 odd scopes on your bench.
I once did reverse engineer a card. It was a PCB for an ISA bus to read the TOS roms of an Atari, for a PC based Atari Emulator. Noting on there but some TTL counter and buffer chips. The rubbed of numbers were maybe a half hour extra delay.

And even if those dongles were simple (but evil) devices. You had to have one to reverse engineer it, or do a lot of guesswork from signals emitted from the LPT port.

Back then I was tempted to buy a schematics / PCB program called "Ultiboard". Thought a bit about it and then told the seller that I would not buy software with those stupid dongles. I've heard stories of 5 or more of these in a PC. Elektor (dutch magazine) once did a whole article on a PC board for these things so you could put them inside your PC on an ISA card instead of hanging then on the end of your PC.
All that was before the Internet and the wonderfull Open Source tools that are growing everywhere.

A lot of the Open Source tools lack severely in quality compared to the paid software, but  also believe that the commercial versions would be more expensive if there were no Open Source alternatives.
 

Offline golden_labels

  • Super Contributor
  • ***
  • Posts: 1182
  • Country: pl
Re: Altera Software Dongle Teardown
« Reply #42 on: February 03, 2019, 09:45:23 am »
Dave speaks for himself, but if I would be him, the answers could be:
  • Reverse engineering is a tedious and boring task.
  • Reverse engineering without access to the software, which drives the circuit in the dongle, is even worse and in many cases impossible.
  • Alphabet may be unhappy with that type of content.
Yes, one needs some level of access to a dongle to RE it. Proves nothing. The goal of faking the device may be not unauthorized use of software, but avoiding all the problems with using the dongle. Or, nowadays, using older versions of programs on newer computers that have no LPT ports. I do not support the idea of staying with outdated software, but the argument itself is still valid. And even if someone wants to gain unauthorized access to an application without owning the device, they might use information from someone, who already reverse-engineered the dongle. Or just have fun with one in their college (if it offers access to that software).

Please, do not make comparisons between “open source” and “paid”. This paints an invalid picture of the situation. While in fact most open source software is available gratis, it is a secondary effect — not the primary distinction. The division is either between “open source” and “proprietary”, or between “paid” and “free”.
People imagine AI as T1000. What we got so far is glorified T9.
 

Offline HighVoltage

  • Super Contributor
  • ***
  • Posts: 5453
  • Country: de
Re: Altera Software Dongle Teardown
« Reply #43 on: February 03, 2019, 09:57:43 am »
In the late 80s I worked for an engineering company in California and on one PC they had 8 (eight) of these
dongles on one PC on one parallel port. It was so annoying, we found ways around the dongle.

The weird thing was that the software was for special equipment and you could not do anything with the software, without the equipment. So why having a dongle in the first place was beyond me !

There are 3 kinds of people in this world, those who can count and those who can not.
 

Online HwAoRrDk

  • Super Contributor
  • ***
  • Posts: 1456
  • Country: gb
Re: Altera Software Dongle Teardown
« Reply #44 on: February 03, 2019, 11:22:11 am »
So you start with a video of a teardown, open the thing, then you laugh at the rubbed off part numbers, yet immediately back away and start rambling about random guesses...

Well, it is a second channel video, so you shouldn't go expecting a comprehensive exposition on the subject matter. Its nature is the reason why it's on the EEVblog2 channel.

However, although it's Dave's prerogative to make videos however he chooses, I do somewhat agree and sometimes wish he wouldn't lay on so thick the chucklesome and patronising-toned "wow, look at this thing, isn't it weird/quaint/rubbish/ancient/etc, can you believe it?", and how he sometimes waffles through conjecture and supposition only to then in the edit apply an on-screen caption essentially saying "ignore everything I'm saying right now, it's wrong/incomplete, actually it's...". For the latter, I totally get that it occurrs as a result of how he makes videos in a kind of 'one take' fashion, with editing happening later, but frequent charging of video's messages with ambiguity can be tiresome. I hope now he has 'studio' and 'edit suite' in the same office, it'll make re-shoots of wrong/incomplete segments easier. :)

The weird thing was that the software was for special equipment and you could not do anything with the software, without the equipment. So why having a dongle in the first place was beyond me !

As I theorised in my earlier post, I suspect in situations like these the dongle is there primarily to enforce a restriction between software producer and machine vendor or reseller. For example, in your case it may have been that the equipment manufacturer wanted to make sure resellers of the equipment were not exceeding their remit to redistribute the software.
 

Online Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: Altera Software Dongle Teardown
« Reply #45 on: February 03, 2019, 01:04:45 pm »
An easier explanation: the software used by the equipment provider was itself developed by a third party company, that wanted to make sure that every license was accounted for.
Otherwise it would be easy to sell 100 machines but only claim 20 software licenses... How should the software developer know otherwise?

Regards,
Vitor



Offline Doctorandus_P

  • Super Contributor
  • ***
  • Posts: 3321
  • Country: nl
Re: Altera Software Dongle Teardown
« Reply #46 on: February 04, 2019, 10:43:02 am »
So because those companies do not trust each other they put it on their customers by irritating them with useless and annoying gadgets.

Have you ever tried putting a PC under your desk with a tower of 6 of those things sticking out of the back?

And they aparently didn't even have the smarts to put the bloody thing in the apliance.
 

Offline rsjsouza

  • Super Contributor
  • ***
  • Posts: 5980
  • Country: us
  • Eternally curious
    • Vbe - vídeo blog eletrônico
Re: Altera Software Dongle Teardown
« Reply #47 on: February 04, 2019, 01:18:49 pm »
So because those companies do not trust each other they put it on their customers by irritating them with useless and annoying gadgets.
You pretty much summarized a significant part of the professional software industry until today. Either via a dongle, a license file or, more recently an intricate license exchange with a server (cloud), not much has changed.

Vbe - vídeo blog eletrônico http://videos.vbeletronico.com

Oh, the "whys" of the datasheets... The information is there not to be an axiomatic truth, but instead each speck of data must be slowly inhaled while carefully performing a deep search inside oneself to find the true metaphysical sense...
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf