Share Your Key - Share Your Costs - wibu-systems ag
Share Your Key - Share Your Costs - wibu-systems ag
Share Your Key - Share Your Costs - wibu-systems ag
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
FALL 2007<br />
14<br />
COVER STORY<br />
<strong>Share</strong> <strong>Your</strong> <strong>Key</strong> - <strong>Share</strong> <strong>Your</strong> <strong>Costs</strong><br />
TOPICS<br />
Scalable DRM Solutions<br />
License Models with CodeMeter<br />
Hacker´s Contest 2007
I N T R O<br />
Content<br />
FUTURE<br />
Scalable DRM Solutions 3<br />
KNOW-HOW<br />
License Models with CodeMeter 4<br />
PRODUCT<br />
CodeMeter Field Activiation 6<br />
KNOW-HOW<br />
High Level Programming API 7<br />
COVER STORY<br />
<strong>Share</strong> <strong>Your</strong> <strong>Key</strong> - <strong>Share</strong> <strong>Your</strong> <strong>Costs</strong> 8<br />
KNOW-HOW<br />
Wibu Universal Protection Interface 10<br />
BILLBOARD<br />
Briefl y Presented 11<br />
EVENTS<br />
Hacker‘s Contest 2007 12<br />
CASE STUDY<br />
Easy to Switch to CodeMeter 14<br />
Dear Customers and Partners,<br />
most economists would <strong>ag</strong>ree that the world’s economy<br />
is good; with sustained growth forecast into the<br />
foreseeable future. I hope you are seeing growth in<br />
your own company and are satisfi ed with the results.<br />
I am satisfi ed – WIBU-SYSTEMS has good growth<br />
and this allows us to continue to invest more than<br />
20% of our revenue in research and development.<br />
The countries with the fastest growing economies<br />
offer a chance for established western companies<br />
to increase sales by entering these markets. For<br />
some industries (whose stock in trade is intellectual<br />
property) entering these markets can offer special<br />
challenges as well as bring opportunities. The consumers<br />
in these countries have a thirst for knowledge,<br />
but personal income, compared on a world scale is<br />
low; creating an atmosphere for rampant piracy. This<br />
is one of the great challenges for companies entering<br />
global markets: How to bring great ideas, services<br />
or products to people who see the value but are<br />
unable to afford the price? Simply cutting the price<br />
is no solution. Developing low cost alternatives for<br />
markets that need simple solutions and reserving the<br />
high-quality applications where quality is a must can<br />
result in advant<strong>ag</strong>es for everyone.<br />
WIBU-SYSTEMS always wants to be on the leading<br />
edge and deliver products to you with the best<br />
possible cost-effectiveness. That is why we work<br />
with European associations and participate in R & D<br />
projects, partially sponsored by German BMBF, BMWi<br />
or the European Community. Innovation <strong>ag</strong>ainst<br />
product piracy is the theme of a project which targets<br />
the protection of machines and plants and the whole<br />
manufacturing process. It also encompasses the<br />
protection of production data, making it impossible,<br />
for example, to produce a “knock-off” of a LACOSTE<br />
polo shirt with the original data. Therefore, <strong>Share</strong><br />
<strong>Your</strong> <strong>Key</strong>, a licensing system for programs and the<br />
data of different creators, will be used in the production<br />
of a plant and could also in the building industry<br />
or in the music and game industries as well.<br />
Please read in this edition of the KEYnote m<strong>ag</strong>azine<br />
more about these themes. I hope you will receive<br />
useful ideas and appreciate the results of our R&D<br />
investment. If you search for solutions you cannot<br />
fi nd today, please talk to us. We are glad to hear<br />
about your requirements and we accept the challenge<br />
to provide a solution for you.<br />
KNOW-HOW<br />
Mobile Solutions 16<br />
<strong>Your</strong>s Oliver Winzenried<br />
2
F U T U R E<br />
Scalable DRM Solutions<br />
“Perfection in Software, Document, Media and Access Protection” is our company slogan, which expresses what<br />
we do and how we do it. Since 1989, we have delivered highly flexible solutions to license your software or<br />
digital content. You can use the WibuBox, or a CodeMeter-Stick, our two dongle based solutions, to securely<br />
store your licenses.<br />
Software Protection<br />
Document Protection<br />
Media Protection<br />
Media Protection<br />
AxProtector<br />
IxProtector<br />
WUPI<br />
SmartShelter<br />
HTML<br />
PDF<br />
Web-<br />
Authentication<br />
SmartShelter<br />
Media<br />
One Universal Solution<br />
Both hardware products work on the same basic<br />
principle: The protection is based on encryption<br />
in the hardware and the storing of license keys<br />
and options, in a very secure manner. A protected<br />
program can be supported by Wibu<strong>Key</strong><br />
and CodeMeter at the same time. Advant<strong>ag</strong>es<br />
of hardware based protection include very high<br />
security and license mobility.<br />
WIBU-SYSTEMS Applications and Base Technologies<br />
Wibu<strong>Key</strong> CodeMeter CodeMeterAct<br />
CodeMeterAct<br />
With CodeMeterAct (coming in September<br />
2008) we will also provide a pure softwarebased<br />
license man<strong>ag</strong>ement for digital content.<br />
CodeMeterAct will be fully compatible with<br />
our classic dongle technology CodeMeter. The<br />
difference is so simple… just another Firm Code.<br />
You will be able to implement CodeMeterAct<br />
using the tools you are already familiar with:<br />
WebAdmin, AxProtector and SmartShelter as<br />
well as our API.<br />
Some High Lights of the Coming<br />
Technology<br />
Fully compatible with CodeMeter<br />
Binding to a PC during activation<br />
Easy integration with the AxProtector and<br />
the Wibu Universal Protection Interface<br />
(WUPI)<br />
Create a single executable, which can be<br />
protected simultaneously by Wibu<strong>Key</strong>,<br />
CodeMeter and CodeMeterAct.<br />
Support for Windows, Linux and Mac OS X<br />
Pricing compatible with CodeMeter<br />
Supports License Borrowing and the<br />
checking out of network licenses to a<br />
single PC<br />
CodeMeterAct loses the “license portability”<br />
feature of CodeMeter and Wibu<strong>Key</strong> because<br />
the licenses and the license server are “married”<br />
to a specifi c PC. Also, security will be lessened.<br />
Why? Software security solutions are inherently<br />
more susceptible to hack attacks than hardware<br />
solutions.<br />
But CodeMeterAct will benefi t the following<br />
target groups:<br />
Low price products in the consumer market<br />
with simple license requirements, no<br />
need for network licenses and low security<br />
requirements.<br />
Enterprise companies: In this segment,<br />
one or several license servers are used; all<br />
license models support accounting options<br />
and the possibility of license check-out<br />
or borrowing. The anti-piracy technology<br />
relies on a trustful cooperation and permanent<br />
analysis of the accounting data.<br />
When you select CodeMeter today or if you have<br />
selected Wibu<strong>Key</strong> or CodeMeter in the past, you<br />
are guaranteed that in the future you will be<br />
able to simultaneously protect your application<br />
with CodeMeter, Wibu<strong>Key</strong> or CodeMeterAct, all<br />
with one simple implementation.<br />
3
License Models with CodeMeter<br />
If you use CodeMeter or CodeMeterAct<br />
for a license man<strong>ag</strong>ement<br />
solution you will receive your own,<br />
unique Firm Code. With this Firm<br />
Code you can create a custom<br />
license container, known as a Firm<br />
Item.<br />
In this Firm Item you store your<br />
licenses in Product Items, identified<br />
by Product Codes. Each license can<br />
have several options, for example an<br />
Expiration Time or several counters.<br />
Here are some examples:<br />
Firm Code 100.002<br />
Product Code: 1<br />
Options<br />
0 0 0 1 2<br />
0 0 2 3 8<br />
Single User License<br />
Create a Product Item with a freely selected<br />
Product Code. For your convenience, each license<br />
is automatically a single fl oating license on<br />
the network. By adding a License Quantity<br />
option with “0”, you will create a strict local<br />
license.<br />
Floating Network Licenses<br />
Store the maximum number of concurrently<br />
usable licenses as a License Quantity option into<br />
your Product Item. Then activate the computer<br />
with the attached CmStick as a CodeMeter<br />
License server: This server is already part of the<br />
CodeMeter Runtime Kit; just select the checkbox<br />
in the CodeMeter WebAdmin. With this adminis-<br />
trator tool you can also keep track of network<br />
licenses and how they are allocated.<br />
To access a license you can chose between<br />
different modes:<br />
UserLimit: Each instance of your software<br />
allocates exactly one license.<br />
Station<strong>Share</strong>: The application can be<br />
started by any number of instances on a<br />
single computer, allocating one license per<br />
client PC.<br />
NoUserLimit: The software can be<br />
started even after all possible licenses are<br />
already allocated.<br />
Overflow Licenses<br />
You want to provide your customers with more<br />
licenses than those actually purchased. <strong>Your</strong><br />
goal is to upgrade the number of licenses in the<br />
future, after your customers learn the benefi ts<br />
of using your program. Here is an example with<br />
100 purchased and 50 overfl ow licenses.<br />
You program 100 Licenses with Product Code<br />
1 and 50 Licenses with Product Code 2 into<br />
a single CmStick. In Product Code 2 you also<br />
create a Unit Counter option with a very high<br />
number (for example 16 million).<br />
Now your software, will at fi rst, allocate licenses<br />
from Product Code 1. When this is successful,<br />
4
KNOW-HOW<br />
your software is running in Normal Mode. If all<br />
100 licenses are in use, the software tries to<br />
allocate Product Code 2 and it is now running in<br />
“Overfl ow Mode”. You can optionally ”cripple”<br />
your software artifi cially or display a mess<strong>ag</strong>e<br />
box “Please order more licenses!”; then reduce<br />
the Unit Counter one time per start or every<br />
running minute – just use your creativity to<br />
defi ne the Overfl ow Mode.<br />
Product Code = 1<br />
License Qty = 100<br />
Product Code = 2<br />
License Qty = 50<br />
Unit Counter = 16.000.000<br />
And you do not have to give up the high security<br />
offered by AxProtector: Simply create the<br />
protection envelope for Product Code 1 and<br />
select the NoUserLimit mode.<br />
Leasing Licenes<br />
To limit the available time on a license, add an<br />
Expiration Time option. Here the CmStick has<br />
much higher security than CodeMeterAct because<br />
it can check the time <strong>ag</strong>ainst the pseudo<br />
real-time clock in the CmStick, which can also be<br />
further validated with a certifi ed time server.<br />
The same mechanism can also be used to create<br />
a time-limited demonstration version. It is easy<br />
to extend a license lease or a demonstration<br />
version automatically:<br />
Prepare a license online with Cm-<br />
Talk: You can activate the new license<br />
in your eCommerce solution, ready to be<br />
transferred to your customer.<br />
Then, via the Field Activation Service:<br />
You create, after receiving payment,<br />
an update fi le for your customer and add<br />
this to the next software update, may be<br />
done on a CD or by an Internet download.<br />
Licenses at the Terminal Server<br />
Do you want to avoid license violations at the<br />
terminal server? CodeMeter does this automatically<br />
for you: Each session will be tracked as<br />
a separate PC, including all modes. The same<br />
mechanism also prohibits license violations<br />
when in the multi user mode of Windows XP<br />
or Windows Vista.<br />
Limiting Licenses on Virtual PCs<br />
Comparable to the Expiration Time, the Code-<br />
Meter hardware has a much higher security<br />
on a virtual PC than a software-based license<br />
solution: Only one virtual machine can physically<br />
address the CmStick directly. All other virtual<br />
machines need to address their licenses via<br />
TCP/IP – if there are enough available for a<br />
multi-user solution.<br />
Licensing Different Program<br />
Modules<br />
Do you have different program modules which<br />
you want to control individually? No problem<br />
with CodeMeter: For each of these modules<br />
you assign a unique Product Code and you<br />
can handle more than 1000 different modules<br />
at the same time, each with individual license<br />
options like Expiration Time or Network License<br />
Control.<br />
Version Man<strong>ag</strong>ement<br />
Do you want your customers be able to use<br />
the current as well as preceding versions of<br />
your software; but not both at same time? For<br />
this scenario simply use the Feature Map: Each<br />
bit in the Feature Map represents for a specifi c<br />
version which can be individually activated or<br />
deactivated. With a Network Quantity of 1, the<br />
user can only start one of the activated versions<br />
at a time. And in a network environment, you<br />
128 64 32 16 8 4 2 1<br />
. . . 0 0 0 0 1 1 1 0<br />
Version 4<br />
Version 1<br />
Version 2<br />
Version 3<br />
Binary<br />
Calculus<br />
14<br />
can use similar version man<strong>ag</strong>ement to control<br />
more than one license.<br />
Specially Attached Licenses<br />
Sometimes a software developer needs to bind<br />
a dongle to a PC, a machine or a specifi c user. In<br />
this case you could write a custom ID into the<br />
Protected Data option of the Product Item.<br />
Standby Licenses<br />
Is your solution mission critical? Then implement<br />
CodeMeter with a Cold-Standby or Hot-Standby<br />
“Emergency Dongle” providing your customer<br />
with an “always available” security solution:<br />
Hot-Standby<br />
Similar to “Overfl ow Licenses” a Product Item<br />
will be created with a high Unit Counter value.<br />
Unlike Overfl ow Licenses, the two different<br />
Product Items are created in two different<br />
CmSticks.<br />
The end user attaches the CmStick without<br />
Unit Counter to the standard license server.<br />
Then he or she attaches the CmStick with the<br />
Unit Counter to the backup license server. The<br />
server search list controls the order that license<br />
servers are searched, ensuring that the standard<br />
license server is found fi rst, and then the<br />
backup server.<br />
License Server<br />
Product Code = 1<br />
License Qty = 100<br />
Backup Server<br />
Product Code = 1<br />
License Qty = 100<br />
Unit Counter = 16.000.000<br />
Cold-Standby<br />
You provide your customer with a second (Emergency)<br />
CmStick containing a Us<strong>ag</strong>e Period option<br />
of a couple of days. With fi rst us<strong>ag</strong>e, this<br />
period will begin the countdown: The license is<br />
available immediately and is locked automatically<br />
after expiration.<br />
License Server<br />
Product Code = 1<br />
License Qty = 100<br />
Backup CmStick<br />
Product Code = 1<br />
License Qty = 100<br />
Us<strong>ag</strong>e Period = 10 Days<br />
The license can be used temporarily but not<br />
permanently as a full second copy. Also the time<br />
of the Us<strong>ag</strong>e Period is checked by the pseudo<br />
real-time clock in the CmStick. The emergency<br />
CmStick can be replaced or converted as your<br />
business policies dictate.<br />
5
P R O D U C T<br />
CodeMeter Field Activation<br />
Static license models are history – today flexibility is important. And this is one of the strengths of CodeMeter<br />
using Field Activation Service and CmTalk protocol: Updating, adding or removing licenses without replacing<br />
the dongle – no problem.<br />
In many scenarios it is necessary to modify the<br />
software licenses in a CmStick, after it has been<br />
shipped to the user: Options, features, modules<br />
or a complete second product, purchased at a<br />
later date will need to be activated. Or maybe<br />
you will need to assign more pay-per-use units,<br />
or extend the demo deactivation time limit or<br />
convert a demo version into a full version. Here<br />
are some examples:<br />
Distributor<br />
T<br />
SOAP Protocol<br />
CmTalk<br />
via Internet<br />
File Exchange<br />
CmStick<br />
Write It Again<br />
The CodeMeter Field Activation Service (CmFAS)<br />
is based on a simple but secure exchange of<br />
fi les: The licensor does not need to provide a<br />
CmTalk web service on the issuing website;<br />
which can be diffi cult if it was outsourced to<br />
a provider.<br />
The license update or activation starts with the<br />
Remote Activation Context fi le (RAC fi le): It contains<br />
all of the information about the targeted<br />
CmStick and the software license. The licensor<br />
creates a Remote Activation Update fi le (RAU)<br />
by using both the contents of the RAC fi le and<br />
update parameters. It is easy to create this fi le;<br />
use the CmBoxPgm command line tool or use<br />
CmProducer, a simple GUI application.<br />
When your customer receives the RAU fi le (usually<br />
by email) he then transfers the contents<br />
of this fi le via the CodeMeter Control Center<br />
or the Windows File Man<strong>ag</strong>er to the attached<br />
CmStick.<br />
A Tool for All Situations:<br />
CmProducer<br />
With CmProducer, you can interactively update<br />
your licenses with all parameters. You combine<br />
all license parameters to pack<strong>ag</strong>es. This<br />
is especially a big advant<strong>ag</strong>e for developers<br />
who only occasionally use the update feature<br />
and are not very familiar with the CmBoxPgm<br />
command line options.<br />
More importantly, CmProducer can also be used<br />
to program the CmSticks in your offi ce, before<br />
they are shipped to your customer.<br />
On the Fast Track<br />
But the fastest and most convenient way for<br />
your user is to update a license via a web<br />
service. This allows your customer to update<br />
a CmStick from anywhere in the world and<br />
without any signifi cant delay. For this, WIBU-<br />
SYSTEMS provides two products: An all-in-one<br />
solution named CmTalk which is a complete<br />
web shop solution or CodeMeter Shelf which is<br />
a simple website which can be easily accessed<br />
from existing eShop implementations.<br />
Both products use the CmTalk communication<br />
protocol, which is based on standard SOAP communications<br />
and can be used to directly modify<br />
the license contents of the CmStick at the user<br />
site, without any manual exchange of fi les.<br />
One powerful feature of CmTalk is the ability to<br />
transfer secure licenses into the CmStick when<br />
your customer buys your product. All of the<br />
fl exible price and quantity options are in the<br />
background – invisible and without hassles for<br />
the user. Even allow your customers to return<br />
the product if they are not satisfi ed. Secure<br />
in the knowledge that they are not using the<br />
program anyway, by simply deleting the license<br />
in the CmStick.<br />
A HIP Alternative<br />
Another alternative to CmTalk would be to<br />
use CmFAS with HIP, the new CodeMeter high<br />
level API. (For HIP details, see p<strong>ag</strong>e 7 in this<br />
KEYnote.) On your user’s site, HIP can be used<br />
to create the RAC fi le. On the licensor’s site, it<br />
can be called out of a license server to create<br />
an RAU fi le, based on the contents of the RAC<br />
fi le. The exchange of these fi les can be easily<br />
integrated into a customer-dependent web<br />
service solution.<br />
6
KNOW-HOW<br />
HIP - High Level Programming<br />
Again and <strong>ag</strong>ain our customers have asked for an easy method to program CmSticks or to create Field Activation<br />
Update files: The command line is too difficult for the sales team and the CmProducer does not provide for all<br />
possible scenarios of a security concept. Now we have the answer: HIP (High Level Programming)<br />
After all security concerns are resolved and<br />
you fi nally know how great the protection with<br />
CodeMeter is, your task is to program the license<br />
items into the CmStick. The sales team also<br />
might need a simple tool for activating the<br />
parameters for a specifi c customer. Even after<br />
shipping the CmStick, it should be possible to<br />
easily update using Field Activation. And you<br />
might want to track all programmed licenses<br />
in your CRM/ERP system.<br />
Fast Results<br />
The new HIP API gives you access to all these<br />
possibilities and more. It is an object-orientated<br />
API which allows you keep your CmStick under<br />
control. With just a couple of function calls,<br />
you can increase a Unit Counter (see example<br />
below) or modify the Expiration Time if your<br />
customer makes his lease payment.<br />
A Langu<strong>ag</strong>e Talent<br />
The High Level Programming API is available<br />
for many programming langu<strong>ag</strong>es. We used<br />
support tools to create suitable interfaces, for<br />
example, for Delphi, Visual Basic, .NET, Java and<br />
Pearl. So you can comfortably use the langu<strong>ag</strong>e<br />
of your choice without the hassle of learning<br />
external code calls.<br />
// Initialisation<br />
cmhip::ProgrammingEngine &progEngine(this->Engine);<br />
progEngine.Initialize({Access Parameters});<br />
// FSB and License available?<br />
progEngine.Security()<br />
->CanUpdateProductItem(ulFirmCode);<br />
// Select the CmBox<br />
const CmBoxTable *pCmBoxTable<br />
= progEngine.TargetBoxes();<br />
CmProductItemProgrammer *pCmPiProg<br />
= progEngine.ProductItemProgrammer();<br />
const CmBox *pCmBox = pCmBoxTable->At(nBoxIndex);<br />
// Parameters<br />
ProductItemParamSet pipars(ulProductCode);<br />
pipars.SetRelativeUnitCounter(100);<br />
// Programming<br />
pCmPiProg->Update(usMaskCode, ulSerialCode, ulFirmCode,<br />
pipars, false);<br />
Distance – No Problem<br />
Similar to CmProducer, HIP can access local<br />
CmSticks or dongles which were already shipped<br />
to the customer. You will not see a big<br />
difference: You can use HIP for your simple<br />
programming tasks as well as any highly complex<br />
operations.<br />
Are you HIP?<br />
This new API, used to program CmSticks, will<br />
make you very happy – just try it. Please contact<br />
our technical support team to get the most<br />
current version.<br />
7
00012<br />
00012<br />
<strong>Share</strong> <strong>Your</strong> <strong>Key</strong> -<br />
<strong>Share</strong> <strong>Your</strong> <strong>Costs</strong><br />
A license server with many different dongles, each with its own kernel driver – this is a system administrator’s<br />
nightmare. Additionally, the license server may not be available on the desired platform, so the system administrator<br />
must run a second license server on Windows just for one software pack<strong>ag</strong>e. These problems and others<br />
cause a company with lots of software needs from many different vendors to follow the rule “if possible, always<br />
buy software without dongles” – an understandable situation.<br />
CodeMeter License Man<strong>ag</strong>ement<br />
But does this mean that you must send an<br />
unprotected copy of your software to such a<br />
”software without dongles” customer? The<br />
answer is no, CodeMeter provides you with<br />
the perfect solution:<br />
No kernel driver required<br />
One CmStick to protect software from<br />
many different providers<br />
More than 1, 000 different products in<br />
one CmStick<br />
License Server available for the usual<br />
platforms (Windows, Linux, Mac OS, and<br />
Solaris)<br />
Just use CodeMeter with a standard license<br />
man<strong>ag</strong>ement system: The administrator simply<br />
needs one CmStick at his or her license server.<br />
You, as the software provider, can transfer your<br />
license via Field Activation into the CmStick<br />
Firm Code 100.002<br />
Product Code: 1<br />
Options<br />
Firm Code 100.004<br />
9<br />
12<br />
6<br />
0 0 0 1 2<br />
Product Code: 1<br />
Options<br />
3<br />
0 0 0 1 8<br />
(see article on p<strong>ag</strong>e 6). You can program your<br />
licenses quickly and cheaply into a “shared”<br />
dongle either manually through an exchange of<br />
fi les or automatically over the Internet.<br />
Separated Areas<br />
Is it dangerous if several software providers<br />
share a CmStick? Is it possible that someone<br />
else might delete our license or more importantly<br />
add our license without our knowledge?<br />
Again there is a clear and short answer: “No,<br />
this is not possible”. CodeMeter was designed<br />
to prevent one company from tampering with<br />
another company’s CodeMeter licenses.<br />
Each software provider receives his own Firm<br />
Code. With your own Firm Code you can create<br />
a license container in the CmStick. After that you<br />
can store the actual licenses in this container.<br />
Only you, with your Firm Code can create, modify<br />
or delete such licenses in your container (Firm<br />
Item). This is protected by sophisticated and<br />
8
P R O D U C T<br />
unique cryptographic methods; only you have<br />
the key to unlock this container.<br />
Overview for the Provider<br />
Each license has visible and invisible parts. In<br />
the visible parts of the license container you<br />
can write your company name (and for each<br />
product, the product name).<br />
Using the CodeMeter WebAdmin tool, even<br />
the users can see which licenses are stored<br />
in their CmSticks. But the security and the encrypted<br />
license is found only in the invisible or<br />
hidden part.<br />
“locked” or not. And you can check the locking<br />
list frequently to see that lost CmSticks are also<br />
really defi ned as lost – even if they unexpectedly<br />
appear <strong>ag</strong>ain.<br />
Not only for Enterprise<br />
Customers<br />
The shared use of a CmStick is not only interesting<br />
for enterprise companies utilizing a<br />
license server. But is also useful for the typical<br />
single-PC user: He or she has the safety of<br />
license backup and also the benefi t of license<br />
“portability” without the need to contact the<br />
software developer’s help desk every time they<br />
install the protected application on another<br />
software product, can transfer and activate their<br />
licenses in a CmStick which is already used to<br />
protect the core software at the user’s site.<br />
The whole order process can be implemented<br />
many ways: via the online shop of a provider, via<br />
a branch portal, the portal of a WIBU-SYSTEMS<br />
co-op partner or via the CodeMeter portal which<br />
is provided by WIBU-SYSTEMS.<br />
Complete Protection Solution<br />
Not only can software be protected <strong>ag</strong>ainst<br />
piracy with CodeMeter. The protection is also<br />
available for documents (PDF) and additional<br />
data.<br />
Without<br />
CodeMeter<br />
With<br />
CodeMeter<br />
Loss of the CmSticks<br />
What happens if several providers share a<br />
CmStick and the users destroys or loses this<br />
stick?<br />
For this we supply a technical framework;<br />
however, each software provider must defi ne<br />
the actual license conditions directly with their<br />
customers.<br />
The technical framework allows a user to create<br />
a signed license backup. This backup will<br />
preserve a certifi ed time, all vendor license<br />
information including the states of any licensing<br />
parameters or us<strong>ag</strong>e counters which were in the<br />
CmStick at the moment of backup. If the user<br />
or vendor reports a specifi c CmStick as lost or<br />
stolen to WIBU-SYSTEMS, we will add it to a<br />
public “locking list”. CmSticks on the “locking”<br />
list will be deactivated the next time they communicate<br />
with a certifi ed time server. Finally<br />
you, as the software provider, defi ne which<br />
licenses should be restored to a new CmStick<br />
– also if the old CmStick should be defi ned as<br />
computer or change operating <strong>systems</strong>, etc.<br />
Simply attaching the existing CmStick at the<br />
new PC is enough to move the license!<br />
Last but not least a single user can use the Firm<br />
Item with Firm Code 0, in the user area to store<br />
passwords or keys, possibly for an encryption<br />
of the hard disk.<br />
By sharing an existing CmStick, you do not have<br />
to pay for the CmStick hardware: You are only<br />
paying a small license fee to program the Firm<br />
Items and your program’s parameters into a<br />
shared CmStick. This means that CodeMeter is<br />
also attractive for software having a value far<br />
below the cost of a CmStick. As a result, the<br />
user can man<strong>ag</strong>e all protected software licenses,<br />
including those for low-cost software or even<br />
digital documents in a single CmStick.<br />
Industrial Branch Solutions<br />
In some industries, CodeMeter is already an<br />
established Standard. Providers of additional<br />
modules, usually third party plug-ins, to the core<br />
Think about electronic manuals, provided with<br />
your software, pictures or graphics which can<br />
be browsed with your software, or fi nally the<br />
data of the user who uses your software. If your<br />
software, for example, creates production data<br />
or creates intellectual property, then each of<br />
your customers can protect his data individually<br />
with the CmStick and can also defi ne, which<br />
employee, partner or even customer, can access<br />
the protected data.<br />
Optionally in Software<br />
In 2008, CodeMeterAct, a complete softwarebased<br />
license man<strong>ag</strong>ement system will be<br />
available. The functions are identical to the<br />
existing CodeMeter system. The administrator<br />
could use CodeMeterAct instead of a dongle<br />
to man<strong>ag</strong>e licenses. But you as our customer<br />
can decide which protection variant (Wibu<strong>Key</strong>,<br />
CodeMeter or CodeMeterAct) you will provide<br />
to your customers individually.<br />
9
KNOW-HOW<br />
WUPI - Wibu Universal<br />
Protection Interface<br />
Individual software protection is difficult to implement, requires a lot of security knowledge and after two years,<br />
the security quality is probably obsolete. With WUPI this nightmare vanishes. You simply specify the general<br />
framework of what you want to protect and our IxProtector solves the rest. And with the next update of our<br />
protection application you bring to your application the newest security level.<br />
To bring individual copy protection to a high<br />
security level, you need updated knowledge<br />
about hacker technology and attack methods.<br />
Acquiring this knowledge and implementing suitable<br />
protection methods in your own software<br />
updated, varied and enhanced, based on our<br />
latest security knowledge. You simply download<br />
the latest version of our tools before you release<br />
your software – that is all.<br />
calling external functions. And this is supported<br />
by nearly every langu<strong>ag</strong>e: The settings, which<br />
licenses are required and which protection parameters<br />
are set, are all stored in an external<br />
control fi le.<br />
WupiDecryptCode<br />
WupiCheckDebugger<br />
WupiCheckLicense<br />
WupiDecreaseUnitCounter<br />
WUPI - Wibu Universal Protection Interface<br />
Wibu<strong>Key</strong><br />
CodeMeter<br />
CodeMeterAct<br />
is time-consuming and very expensive. And in a<br />
few short years, your home-grown solution is<br />
obsolete and the time has to be invested <strong>ag</strong>ain.<br />
And – let’s be honest – most software providers<br />
cannot afford to go through this cycle time after<br />
time; hoping instead that no one will crack the<br />
current version. But when the fi rst copies of the<br />
just released software pack<strong>ag</strong>e appear on the<br />
hacker’s websites, the pressure to create another<br />
security solution is enormous.<br />
Always the most current<br />
security tools<br />
In the future, you can relax after a new release,<br />
because you will be sure that your application<br />
is protected with the very latest in anti-piracy<br />
technology. Just trust in our security expertise<br />
and use WUPI, the new universal API for all<br />
WIBU-SYSTEMS copy protection products. You<br />
simply provide your security framework and<br />
the IxProtector adds, at the desired locations in<br />
your program execution, several security checks.<br />
In future WUPI versions these checks will be<br />
Safe for the Future<br />
WUPI supports all of WIBU-SYSTEMS’ copy<br />
protection <strong>systems</strong>; this includes Wibu<strong>Key</strong>, CodeMeter<br />
and in the future CodeMeterAct. Using<br />
WUPI will bring a permanent enhancement of<br />
the security, independent of which of our products<br />
you use. Any extension, for example from<br />
CodeMeter to CodeMeterAct, will be realized<br />
with few modifi cations. You can use several protection<br />
technologies at the same time – possibly<br />
you know this already from AxProtector.<br />
Versatile<br />
Possibly you are now thinking: This is only for<br />
C++, and me with my good old Visual Basic, I’m<br />
left out. Far from it! You should be able to work<br />
with your favorite langu<strong>ag</strong>e and still receive a<br />
high level of security. That’s why WIBU-SYSTEMS<br />
developed beyond a fi rst, pointer-based WUPI<br />
variant, which only works with pointer-based<br />
langu<strong>ag</strong>es like C/C++ and Delphi, a second<br />
variant, which is index-based. For this, the langu<strong>ag</strong>e<br />
should support the loading of DLLs and<br />
Lean but Powerful<br />
WUPI has only twelve simple API functions.<br />
Examine just one and WUPI shows its full power:<br />
Just call WupiCheckLicense() and automatically<br />
a referenced license will be searched, allocated<br />
and used for encryption. And if you want to do<br />
something what WUPI has not provided, for<br />
example the reading of data entries (Wibu<strong>Key</strong>)<br />
or data options (CodeMeter), just call WupiGet-<br />
Handle() to return the entry’s handle and then<br />
continue using the normal, classic API.<br />
WUPI – the API of the Future<br />
Please use WUPI for your next project or for your<br />
next version release – it will be worth doing. And<br />
here is an offer which you should not turn down:<br />
Just download the latest AxProtector pack<strong>ag</strong>e.<br />
The new WUPI tool is already integrated. Or<br />
contact our technical support team.<br />
10
BILLBOARD<br />
Briefly Presented<br />
CodeMeter<br />
– Ready for Windows CE<br />
Verband Deutscher Maschinen- und Anl<strong>ag</strong>enbau<br />
e.V. (VDMA), the German association of mechanical<br />
and plant manufacturing companies,<br />
published a new study concluding that 60%<br />
of this German industry will be the target of<br />
counterfeiting complete machines. On the other<br />
hand, manufacturer of devices, machines and<br />
plants support standard operating <strong>systems</strong> for<br />
the software in their products. And the part of<br />
the functionality which is realized in software<br />
is getting larger and larger.<br />
The CodeMeter System is now available for<br />
Windows Embedded CE 5.0 and 6.0 on Intel<br />
x86 and ARM processors. Other processors can<br />
be supported in a short time on demand. If a<br />
developer specializes in embedded programs,<br />
he can use CodeMeter in the ARM environment<br />
via the Microsoft ARM device emulator, even<br />
without having the fi nal hardware available.<br />
“As a new Windows Embedded Partner WIBU-<br />
SYSTEMS supports building the International<br />
market for embedded products by eng<strong>ag</strong>ement<br />
and know-how” said Manjo Rami, Senior Marketing<br />
Man<strong>ag</strong>er of the<br />
Windows Embedded<br />
Business Group of<br />
Microsoft Corp. “By<br />
supporting Windows<br />
Embedded CE, CodeMeter will gain a lead because<br />
of fl exibility, security and reliability.“<br />
“According to a study from BITKOM and Roland<br />
Berger (a well-known German consultant company),<br />
the embedded market is one of the largest<br />
areas for potential growth. By using embedded<br />
Picture: Protection for Embedded Systems (e.g ZSK)<br />
racy. The value of a machine will be determined<br />
more and more by the implemented Embedded<br />
Software.”, explained Oliver Winzenried, CEO<br />
and co-founder of WIBU-SYSTEMS AG. “Today,<br />
more than 30% of our customers are already<br />
in the industrial area. With enhanced solutions<br />
in the Embedded Area, we will support these<br />
customers even better”.<br />
Expanding in China<br />
In the middle of July, Wibu-Systems (Shanghai)<br />
Co. Ltd., a wholly owned subsidiary of WIBU-<br />
SYSTEMS, AG, moved to new offi ces located<br />
in Shanghai’s Yangpu district, close to Fudan<br />
and Tongji Universities, both known for their<br />
academic excellence. The new offi ce has more<br />
than triple the space of the former facility and<br />
will allow for consolidating sales, support, and<br />
operations and provide larger inventories for<br />
“just-in-time” deliveries. The increasing demand<br />
for sophisticated software protection solutions<br />
to meet the needs of both Chinese companies<br />
and International companies with offi ces in<br />
Picture: WIBU-SYSTEMS Offi ce in Shanghai<br />
China was one of the reasons Wibu-Systems<br />
needed to expand. Another reason was the<br />
desire to provide a powerful center of antipiracy<br />
excellence.<br />
Oliver Winzenried, C.E.O. of Wibu-Systems AG,<br />
explained, “In addition to the high quality of<br />
our security solutions, our customers also rely<br />
on us for competent consultation regarding<br />
the complex nature of the different protection<br />
concepts. That is why qualifi ed employees are<br />
an important part of our growth policy. Another<br />
element of our expansion strategy is to locate<br />
close to colleges and universities. Not only do<br />
we have a resource that can help us understand<br />
local requirements and restrictions, but we also<br />
have a ready pool of well qualifi ed potential employees.<br />
Therefore, the location of our new offi ce<br />
is perfect and it provides us with plenty of space<br />
operating <strong>systems</strong> like Windows Embedded CE,<br />
manufacturers of industrial plant controls and<br />
machines can protect their products <strong>ag</strong>ainst pifor<br />
additional personnel and inventory.“<br />
“Shanghai is one of the biggest economic centers<br />
in China, as well as an important technology<br />
site for IT”, explained Hailiang Li, Man<strong>ag</strong>ing<br />
Director of Wibu-Systems (Shanghai) Co. Ltd.<br />
“For this reason many national and International<br />
companies are often located in Shanghai. The<br />
Study: Protection <strong>ag</strong>ainst Piracy in<br />
Machine Industry<br />
By supporting Windows CE, we have a first<br />
solution available for Embedded Systems.<br />
We are conducting a study and we want to<br />
hear from you about your individual requirements<br />
for protecting <strong>ag</strong>ainst piracy. Please<br />
download the questionnaire file and complete<br />
the form online (www.<strong>wibu</strong>.com).<br />
As thank you, you will receive a copy of the<br />
results of the study.<br />
protection of intellectual property as well as<br />
license man<strong>ag</strong>ement of software and other<br />
digital content are important requirements for<br />
many of these companies. We now have on staff<br />
an employee who will concentrate all his efforts<br />
in meeting these important requirements.”<br />
CeBIT asia 2007<br />
At CeBIT Asia 2007, WIBU-SYS-<br />
TEMS will <strong>ag</strong>ain have a booth<br />
presenting its solutions in the<br />
Shanghai New International Expo<br />
Centre. As an added bonus attendees of the PTC<br />
and CeMAT shows will also be able to attend<br />
CeBIT. WIBU-SYSTEMS will <strong>ag</strong>ain organize its<br />
popular workshop “IT security and protection<br />
of software, documents, media and access”.<br />
Prof. Cao Zhaomin from the Jiaotong University,<br />
specializing in information security, will be the<br />
keynote speaker. In addition to speeches from<br />
WIBU-SYSTEMS, we will also have a presentation<br />
from Jörg Heil, CEO of Hartung Consult<br />
in Shanghai, about information security in the<br />
SAP world.<br />
11
Hacker´s Contest 2007<br />
How important is software protection?<br />
Isn’t it possible that every<br />
protection scheme can be cracked?<br />
These are typical questions from<br />
nearly every software producer;<br />
because implementing a software<br />
protection system requires a lot of<br />
effort and some expense.<br />
Every Third License<br />
is a Pirated Copy<br />
The newest software piracy study, published in<br />
August 2007 by the Business Software Alliance<br />
(BSA) and IDC, showed the aver<strong>ag</strong>e worldwide<br />
piracy rate, unchanged from last year, to be<br />
36%. The USA is low with 22%, but leads in<br />
the absolute fi nancial dam<strong>ag</strong>e with 7.3 billion<br />
US-$, in front of China and France. Germany is<br />
number 7 on the absolute dam<strong>ag</strong>e list and is<br />
part of the European piracy aver<strong>ag</strong>e of 36%.<br />
This means: One pirated copy for every two<br />
legitimate licenses. In established markets like<br />
the European Community and the USA, the<br />
most dam<strong>ag</strong>e comes from under-licensing – for<br />
example, fi ve licenses are legally purchased but<br />
twenty are illegally used. In the new growing<br />
economies, Eastern Europe and Asia, nearly all<br />
licenses in use are pirated, or “self-proclaimed”<br />
dealers sell pirated copies, sometimes without<br />
the knowledge of the customers, for example<br />
when an illegal online dealer implements<br />
his own activation schema for Original Adobe<br />
software.<br />
How Safe Can Software<br />
Protection be?<br />
No protection system can be 100% safe. But<br />
we keep trying. In the past, WIBU-SYSTEMS<br />
arranged competitions to check the security<br />
quality of our products. In these previous competitions,<br />
a protected program was published<br />
and it was shown that its protection could not<br />
be cracked and made to run without a suitable<br />
license in the WibuBox. This is a serious praxisrelevant<br />
test for software producers who want<br />
to publish a protected software product for free<br />
download on their website.<br />
1092Participants<br />
Partial<br />
Solutions<br />
8<br />
In our Hacker’s Contest for 2007, we went<br />
one step further and the participants in the<br />
competition received not only the protected<br />
application, but also a CmStick with the appropriate<br />
license. 1,092 contestants from 27<br />
countries entered the contest and had up to<br />
six weeks to remove the copy protection and<br />
claim the attractive prize of 32,768 Euro (or<br />
US-$ 40,000). No one succeeded.<br />
12
E V E N T S<br />
Why did Not One of the 1092<br />
Contestants Succeed?<br />
Although the challenge was theoretically solvable,<br />
not one of the contestants could fully<br />
remove the protection. Most of the contestants<br />
fell in the trap of trying to by-pass the intruder<br />
detection and had their license locked in the Cm-<br />
Stick. This resulted in further brute-force attacks<br />
to the encryption. The chance of breaking the<br />
128-bit AES encryption was slim to none. Other<br />
contestants failed to jump other hurdles. But<br />
we did receive some excellent partial solutions<br />
and we awarded those contestants with 500 to<br />
2000 Euro each. Hackers or Crackers go down<br />
different paths than developers and the partial<br />
solutions were important input for us. These<br />
partial winners discovered some weaknesses<br />
in our system which we not seen before. And<br />
the discovery of these weaknesses allowed us<br />
to strengthen our overall security.<br />
The partial solutions included creating memory<br />
dumps and also the attempt to replace the<br />
CmStick with record-playback simulation within<br />
the communication of the protected application<br />
with the CodeMeter runtime. One of these<br />
attacks is described in detail in the renowned<br />
Germany computer m<strong>ag</strong>azine “c’t”, 21/2007,<br />
describing the tools used, like IDAPro, ImpRec,<br />
OllyDebug and NetCat. But, this attack did not<br />
provide a completely successful solution to the<br />
Hacker’s Contest: A second function also had<br />
to be decrypted – its license item was already<br />
in the CmStick, but not activated by a single bit.<br />
Since the contest we have added enhancement<br />
to the CodeMeter Runtime Kit – the attack of<br />
the “c’t” is now no longer possible.<br />
Attacking Methods<br />
Attacking Methods and why they don’t work<br />
with CodeMeter:<br />
Memory Dumping: CodeMeter uses<br />
“On Demand Decryption“, this means<br />
there is no time after running the complete<br />
program when code and resources are<br />
completely decrypted in the main memory<br />
of the PC.<br />
Dummy Driver: By using complex<br />
encryption, a simulation of the encryption<br />
by dummy drivers is prohibited, because<br />
there is no limit to the number of answers<br />
for calling a function.<br />
Cracking Tools: Most of the usual<br />
cracking tools will be detected by the<br />
protected application and this detection<br />
1092 Contestants from 27 Countries<br />
Germany 33%<br />
Rest 14%<br />
can be used to lock the license in the<br />
hardware (CmStick), avoiding any further<br />
attacks.<br />
Record-/Playback Driver: The use of<br />
randomly varied encryptions and changing<br />
of the Encryption Code avoids a successful<br />
use of recording and playback for a longer<br />
time range.<br />
Emulation of the CmSticks: The use<br />
of strong encryption (AES) and the use of<br />
secure hardware – a smart-card controller,<br />
make a complete emulation of the hardware<br />
nearly impossible.<br />
Patching of some bytes: With CodeMeter,<br />
protected applications are no longer<br />
using single checkpoints. But large areas<br />
of code and data are encrypted and such<br />
patching is impossible, especially when<br />
the automatic protection offered by AxProtector<br />
is used.<br />
Competition Program<br />
As an example, we show the competition<br />
program below, after the start, loading and<br />
decryption with the correct CmStick, in the<br />
memory of the PC: The green areas are still<br />
encrypted. The resource data areas are always<br />
encrypted and are only partially decrypted on<br />
demand. The IAT (Import Address Table), which<br />
is the connection to the called operating system<br />
remains encrypted as well as the individual<br />
functions – with two in the hacker’s contest. It<br />
is easy to understand that a memory dump will<br />
be not successful.<br />
India 2% Spain 2%<br />
Ukraina 2%<br />
PE Header<br />
Code Section<br />
Data Section<br />
China 18%<br />
France 3%<br />
Bangladesh 3%<br />
Poland 2%<br />
OEP<br />
Resource Section<br />
The Netherlands 4%<br />
Hungary 4%<br />
Link to new OEP<br />
IAT<br />
IAT redirect<br />
Security Section<br />
Security Code IAT<br />
USA 10%<br />
Operating<br />
System<br />
The Bottom Line<br />
We accept that no security system is 100%<br />
secure. But a high level of security can be<br />
reached by:<br />
Secure Hardware: The CmStick provides for<br />
secure key stor<strong>ag</strong>e and strong encryption<br />
in a smart-card chip. The CodeMeter<br />
System includes a crack detection, which<br />
can lock the license key.<br />
Secure Integration Technology: The code<br />
and resources of the protected application<br />
will never be completely decrypted in the<br />
main memory of the PC. Variable encryption,<br />
anti-debugging and obfuscation<br />
technology as well as tools to individually<br />
integrate the source code increase the<br />
security level <strong>ag</strong>ain.<br />
The “simple to use” tools from WIBU-SYSTEMS<br />
like AxProtector for automatic protection and<br />
the IxProtector to individually integrate the<br />
source code provide a maximum of protection.<br />
These are some of the main advant<strong>ag</strong>es of our<br />
solution… in addition to the high fl exibility of<br />
CodeMeter.<br />
13
CASE STUDY<br />
Easy to Switch to CodeMeter<br />
A system for software protection and license man<strong>ag</strong>ement is not changed daily. After a decision is made, it<br />
should be the solution for a long time..<br />
Good Reasons<br />
A system for software protection and license<br />
man<strong>ag</strong>ement is not changed daily. After a decision<br />
is made, it should be the solution for a<br />
long time.<br />
Customers who changed to WIBU-SYSTEMS<br />
have given us the following reasons for doing<br />
so:<br />
Weak Security: In many cases the customer<br />
had found a hack of his software<br />
on the Internet, but their old solution<br />
provider did not come with new protection<br />
schemas.<br />
Missing Features: Our new customers<br />
especially like the license man<strong>ag</strong>ement<br />
features of CodeMeter. The ability to offer<br />
their customers various ways to purchase<br />
their software has opened new sales<br />
channels. And all of these different distribution<br />
methods can be handled by one<br />
license man<strong>ag</strong>ement tool: CodeMeter.<br />
Outdated Technology: Any software<br />
protection has a viable quality level for<br />
a short period of time, and then hacker<br />
tools and methods catch up. Like a virus<br />
scanner, a software protection system<br />
needs permanent enhancement, and<br />
WIBU-SYSTEMS outshines the competition<br />
in staying one step ahead of the hacker<br />
community.<br />
Continuity at WIBU-SYSTEMS<br />
But of all the reasons to switch, continuity is<br />
the one that will save you the most money in<br />
the long run. And continuity is a major goal<br />
at WIBU-SYSTEMS. Our products have always<br />
been backwards as well as forwards compatible<br />
and now you can see that we offer continuity<br />
between our product lines as well. Whether<br />
you have decided for Wibu<strong>Key</strong>, CodeMeter or<br />
CodeMeterAct – or when you decide – you<br />
cannot make a wrong decision.<br />
No matter which of our products you choose,<br />
you can integrate a mix of our products and<br />
three basic technologies without trouble. By<br />
strictly separating the basic system and solution,<br />
any enhancement in the automatic protection<br />
of AxProtector and WUPI (Wibu Universal Protection<br />
Interface), our unique API, will be within<br />
reach of all our customers.<br />
Steps if you Change<br />
You may have a few, many or very many customers.<br />
But, the principle steps and the open<br />
questions are always similar:<br />
What must I change in my software to<br />
support CodeMeter?<br />
How will I program my dongles in the<br />
future?<br />
How should I change the installed base?<br />
Completely in a big bang or step by step?<br />
Integration into Software<br />
In many cases, the integration into the software<br />
is the easiest point. Naturally it depends which<br />
system you had before.<br />
Using a Wrapper<br />
In this case you simply replace the previous<br />
wrapper with AxProtector. You can use the graphic<br />
user interface or the command line tool<br />
in an automatic build process – in both cases<br />
our support experts can help you in the fi ne<br />
tuning of the AxProtector options, targeting<br />
your special application.<br />
Login, Logout, Crypt<br />
If you use an API with functions like xxLogin,<br />
xxCrypt and xxLogout. Then the CodeMeter API<br />
provides you with similar functions:<br />
API (former) Cm API<br />
xxLogin CmAccess<br />
xxCrypt CmCrypt<br />
xxLogout CmRelease<br />
With CmAccess you specify the Firm Code and<br />
Product Code which you want to use – parameters,<br />
which defi ne your license.<br />
In contrast to your previous dongle, you can also<br />
modify the key for the encryption and decryption<br />
during execution. Use this feature to increase<br />
the security <strong>ag</strong>ainst hacking.<br />
Writing and Reading Data: Are you used to<br />
writing data into your previous dongle during<br />
runtime and reading it back later? This is also<br />
possible with CodeMeter, we even provide you<br />
with several access rights.<br />
14
CASE STUDY<br />
However such a technology does not increase<br />
the security of the protected application. Instead<br />
of writing data, our customers use the following<br />
methods:<br />
During the development process, data is<br />
encrypted and then stored into the source<br />
text.<br />
This data is decrypted during the runtime<br />
and then used.<br />
This even permits you to change the key to<br />
decrypt the data during runtime. By such<br />
changes, the same location in your software<br />
sends different sequences to the CmStick, which<br />
inhibits a crack by simulation with a recordplayback<br />
attack.<br />
Reading License Information<br />
Today, do you write a license number into the<br />
dongle and read it back during runtime? Then,<br />
depending on this number, do you activate specifi<br />
c modules or control the number of licenses<br />
in the network?<br />
This is also possible with CodeMeter. But with<br />
your current dongle, you have more effort and<br />
less security. Such features are supported directly<br />
by CodeMeter and permanently enhanced. A<br />
radical “break away from the past” change to<br />
CodeMeter is in the long run always cheaper<br />
than creating your own license schema to a<br />
“I just write an ID” dongle. Keep your license<br />
schema simple and secure and use the knowledge<br />
we learned from more than 50 migrations<br />
to CodeMeter, alone, in Germany, in the last<br />
six months.<br />
Programming the Dongles<br />
Again, CodeMeter provides you with full fl exibility:<br />
With CmProducer you have a simple but<br />
powerful data base application to program<br />
the CmSticks. A programming API and command<br />
line tools extend the CmProducer – it<br />
will be always easy and effi cient to integrate<br />
the programming of the CmSticks into your<br />
own operations.<br />
Exchange Legacy Dongles<br />
in the Field<br />
Our experience shows that a complete exchange<br />
of all existing dongles in the fi eld with Cm-<br />
Sticks can be a sensible solution. This is the<br />
favorite decision for customers who switched<br />
to CodeMeter for security reasons and at the<br />
same time released a new main version of<br />
their software.<br />
Other customers decided to go the smooth<br />
“step by step” route and protect the current<br />
version with CodeMeter, but will continue to<br />
support their existing customers who already<br />
have the previous dongle. The problem is that<br />
the old solution is the weak link in the whole<br />
security chain – therefore the support for the<br />
old dongle should end with one of the next<br />
version releases.<br />
Sometimes even the user – your customer<br />
– wants you change to CodeMeter. Why?<br />
CodeMeter is attractive for a lot of users because<br />
the CmStick can come bundled with a<br />
Personal Security Suite of applications that will<br />
make the user’s computer life more secure, for<br />
example: The CodeMeter Password Man<strong>ag</strong>er.<br />
In this case, the user buys his or her CmStick<br />
and you simply provide the license, which can<br />
be transferred for a small fee into this CmStick.<br />
Optionally the Password man<strong>ag</strong>er can also be<br />
adapted to your Corporate Design.<br />
Customer Endorsement<br />
EverFocus ® Electronics AG<br />
Emmerich am Rhein<br />
Dipl.-Inf. (FH) Ingo Jansen<br />
(R&D / IT Man<strong>ag</strong>er):<br />
“EverFocus already had an<br />
excellent experience with<br />
Wibu<strong>Key</strong> as our fi rst software<br />
protection system. We switched to CodeMeter<br />
because of its fl exibility and effi ciency, whereby<br />
we could integrate network license models<br />
just as simply as single-user license models<br />
into our software. We also liked the remote<br />
programming features of CodeMeter, which<br />
allowed us to keep our customers happy and<br />
have an effective worldwide license man<strong>ag</strong>ement<br />
system at the same time. “<br />
SOFiSTiK AG<br />
Oberschleissheim<br />
Dr.-Ing. Casimir Katz<br />
(CTO Member of the Board):<br />
“We decided, above all other considerations, to<br />
switch our software protection to CodeMeter,<br />
because of the substantial and sophisticated<br />
license man<strong>ag</strong>ement features. We were impressed<br />
by the automatic release of licenses<br />
from crashed programs; also by the ability to<br />
combine network licenses with an expiration<br />
date; and especially by the ability to completely<br />
re-program a dongle, already delivered<br />
to a customer. The uniform appearance under<br />
Windows and Linux, especially the support for<br />
64-bit operating <strong>systems</strong> were also important<br />
reasons for our decision.<br />
The fact that all CodeMeter dongles are the<br />
same, and that they are available from worldwide<br />
distributors, makes it possible to save time<br />
money when dealing customs. The extraordinary<br />
high quality of WIBU-SYSTEMS’ support, before<br />
and after we became a customer, together with<br />
secure and fl exible remote programming, has<br />
convinced us that we made the right decision<br />
with CodeMeter.”<br />
15
KNOW-HOW<br />
Mobile Solutions<br />
Standard Driver<br />
If you want to use CodeMeter for software protection and as<br />
a license man<strong>ag</strong>ement system, you do not need a proprietary<br />
driver. CodeMeter utilizes the Mass Stor<strong>ag</strong>e Driver, which is<br />
a standard part of Windows.<br />
Several Advant<strong>ag</strong>es for You<br />
No installation problems<br />
Availability also for newer Windows versions<br />
Mobile delivery of your software on the CmStick<br />
Security of the USB Driver<br />
Usually security concerns arise if a standard driver is used<br />
for security.<br />
Mobile Shipment<br />
If you (or more importantly,<br />
your customers) would<br />
like the convenience of<br />
delivering your protected<br />
software on a portable<br />
“thumb drive”, simply<br />
request a CmStick with<br />
additional fl ash memory.<br />
They can be ordered from<br />
WIBU-SYSTEMS with 256<br />
Mbytes, 1 GBytes and 2<br />
GBytes (other memory<br />
sizes on request).<br />
Imprint<br />
KEYnote<br />
14th edition, Fall 2007<br />
Publisher:<br />
WIBU-SYSTEMS AG<br />
Rueppurrer Strasse 52-54<br />
76137 Karlsruhe, Germany<br />
Tel. +49-721-93172-0<br />
Fax +49-721-93172-22<br />
info@<strong>wibu</strong>.com<br />
www.<strong>wibu</strong>.com<br />
Responsible For The<br />
Contents:<br />
Oliver Winzenried<br />
Is it possible for a hacker to insert a filter driver?<br />
Yes… he can do this, but he cannot interpret the data stream<br />
because it is encrypted and the encryption is changed on<br />
the fl y.<br />
Is it possible for a hacker to crack the encryption?<br />
With enough effort anything is possible. But it takes less<br />
effort to crack a proprietary driver. That’s why we included<br />
the polymorph encryption in CodeMeter: The data transferred<br />
in the encrypted channel is modifi ed and varies. Hacking the<br />
transfer channel is not enough to implement a successful<br />
record-playback attack.<br />
The Bottom Line<br />
CodeMeter used with the USB standard USB driver is safer<br />
than a proprietary dongle driver.<br />
Protect your software with the AxProtector and simply<br />
copy it to the CmStick.<br />
Program the required license items into the CmStick.<br />
Copy the CodeMeter runtime to the CmStick (Code-<br />
Meter.exe and CodeMeterCC.exe).<br />
Optionally, you can copy your own startup program<br />
on the CmStick – it can check if the CodeMeter<br />
Runtime has already started or starts it on demand<br />
and terminates the runtime <strong>ag</strong>ain after your software<br />
has terminated.<br />
Beyond protected software you can also deliver protected<br />
documents on the CmStick. Again everything runs without<br />
installation, directly from CmStick, including the Adobe<br />
Reader.<br />
Editors:<br />
Rüdiger Kügler<br />
Stephan Süptitz<br />
Wolfgang Völker<br />
Oliver Winzenried<br />
John Poulson<br />
Marcellus Buchheit<br />
Design and Production<br />
Manuel Künstler<br />
Gunnar Petersohn<br />
Letters are welcome at any<br />
time. They are protected by<br />
the press secret. Articles identifi<br />
ed by name do not necessarily<br />
refl ect the opinion of<br />
the editors.<br />
WIBU-SYSTEMS on Tour:<br />
Cebit asia<br />
October 10-13, 2007<br />
Shanghai, China, Hall W5, Booth 5F51.<br />
Embedded Systems Show<br />
October 17-18, 2007<br />
Birmingham, England, NEC, Hall 10.<br />
SYSTEMS<br />
October 23-26, 2007<br />
Munich, Germany.<br />
European <strong>Share</strong>ware Conference<br />
November 3-4, 2007<br />
Cologne, Germany.<br />
Prio Conference<br />
November 13-14, 2007<br />
Baden-Baden, Germany.<br />
WIBU-SYSTEMS USA Inc. -<br />
Protection Days in Canada<br />
December 4, 2007 - Toronto Area<br />
December 5, 2007 - Toronto Area<br />
December 7, 2007 - Montreal Area<br />
Details see www.<strong>wibu</strong>.us/events<br />
NAMM<br />
January 17-20, 2008<br />
Anaheim, California<br />
WIBU, CodeMeter and Smart-<br />
Shelter are international trademarks<br />
of WIBU-SYSTEMS. All<br />
other trademarks belong to<br />
their respective holders.<br />
© 2007 WIBU-SYSTEMS.<br />
All rights reserved.<br />
5060-002-02/20071001<br />
SoftSummit<br />
November 12-14, 2007<br />
Santa Clara, California<br />
MacWorld<br />
January 15-18, 2008<br />
San Francisco, California