Software Protection, Seen by a Hacker - CodeMeter
Software Protection, Seen by a Hacker - CodeMeter
Software Protection, Seen by a Hacker - CodeMeter
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
COVER STORY<br />
<strong>Software</strong> <strong>Protection</strong>, <strong>Seen</strong> <strong>by</strong> a <strong>Hacker</strong><br />
TOPICS<br />
<strong>CodeMeter</strong> – New Technologies<br />
AxProtector – Automatic <strong>Protection</strong><br />
IxProtector – Integration into the Source Code<br />
12<br />
FALL 2006
Contents<br />
GLOBAL<br />
WIBU-SYSTEMS Global<br />
WIBU-SYSTEMS with Chancellor Merkel in China<br />
<strong>Software</strong> <strong>Protection</strong> Days a Big Success<br />
KNOW-HOW<br />
<strong>Software</strong> <strong>Protection</strong>, <strong>Seen</strong> <strong>by</strong> a <strong>Hacker</strong><br />
PRODUCT<br />
<strong>CodeMeter</strong> – New Technologies<br />
AxProtector – Automatic <strong>Protection</strong><br />
IxProtector – Integration into the Source Code<br />
SmartShelter|PDF and SmartShelter|Media<br />
BILLBOARD<br />
Briefly Presented<br />
CASE STUDY<br />
We have changed to <strong>CodeMeter</strong><br />
Steel Beasts of eSim Games<br />
COURSES<br />
Perfect Consulting for You…<br />
2<br />
I N T R O<br />
3<br />
3<br />
3<br />
4<br />
6<br />
8<br />
10<br />
12<br />
13<br />
14<br />
15<br />
16<br />
Dear customers and partners,<br />
The Soccer World Championship in Germany came to an end<br />
with a fantastic 3rd place for the German team! There is tremendous<br />
excitement in the country and worldwide acceptance for<br />
Germany as a good host. Let’s capture and save this mood!<br />
Our primary goal is offering you the best product on the market.<br />
By paying attention to detail and in accordance with our slogan<br />
“Perfection in <strong>Software</strong> <strong>Protection</strong>”, we are approaching the<br />
perfect solution to software protection. With enthusiasm and<br />
commitment, we work hard to support your success with our<br />
products. We look at every option, analyze new technologies<br />
and review new marketing models to fulfill your requirements<br />
– right on time, with precise results. We pursue our goals<br />
rigorously to earn your trust in our company, our people and<br />
our products.<br />
You may think of revenue loss as the greatest cost of piracy.<br />
But for software companies there is another less tangible cost;<br />
pirated copies are less reliable, problematic and tarnish both<br />
your reputation and that of your products. Finally, software<br />
piracy is a global problem: Copies are everywhere, but in countries<br />
with high economic growth, the rates are the highest. In<br />
Germany, 27% of software is copied illegally – more than one<br />
pirated copy for every three sold legitimately. In some countries,<br />
there is a 90% piracy rate in the software market. Even in companies<br />
that purchase legal copies, under-licensing is the problem:<br />
5 licenses were purchased but 20 are used. Last but not least,<br />
there are commercial pirates – often funded <strong>by</strong> organized crime<br />
– who sell illegal copies and create activations; and in the<br />
process steal from users as well as developers.<br />
Relying on legal remedies is not enough and not all technical<br />
security methods are effective. There is a need for solutions<br />
which are easy to integrate, offer highly flexible licensing and<br />
sales models and guarantee the highest possible security. We<br />
are proud of the solutions our products contribute to eradicating<br />
global piracy.<br />
In the current KEYnote magazine we discuss the limits of technical<br />
protection methods and the major improvements we have<br />
made. Enjoy!<br />
Sincerely<br />
Oliver Winzenried
WIBU-SYSTEMS<br />
Global<br />
<strong>Software</strong> protection is still a niche market. That’s<br />
why WIBU-SYSTEMS started early to expand<br />
international sales:<br />
1993: Start in USA with first distributor close<br />
to Washington DC and attending the COM-<br />
DEX/Fall in Las Vegas.<br />
1997: Distribution agreement with Suncarla<br />
in Japan and attending the COMDEX/Tokyo<br />
in 1998.<br />
2001: Opening a sales office in Melbourne/<br />
Australia and attending the CeBIT in Sydney.<br />
2001: Founding of WIBU-SYSTEMS USA, Inc.<br />
in Seattle.<br />
2002: Start of distribution in China and attending<br />
the CeBIT asia in Shanghai.<br />
2003: Founding WIBU-SYSTEMS Shanghai.<br />
2004: Attending the GITEX in Dubai.<br />
2005: Opening of the sales office in Belgium<br />
and The Netherlands, large investment in<br />
China and founding of a capital company<br />
WIBU-SYSTEMS (Shanghai) Co. Ltd. (WFOE)<br />
as 100% child of the German AG.<br />
2006: Opening of a sales office in England,<br />
WIBU-SYSTEMS Ltd.<br />
WIBU-SYSTEMS receives a big part of its revenue<br />
from foreign countries thanks to the commitment<br />
of our employees in the local offices and the exceptional<br />
work of our distributors. Beyond pure<br />
sales we also offer local support, consulting,<br />
sample code and language localization.<br />
This focus allows us to quickly enhance our products<br />
and develop new ones.<br />
G L O B A L<br />
WIBU-SYSTEMS with Chancellor Merkel<br />
in China<br />
As a member of a business development delegation,<br />
Oliver Winzenried, CEO of WIBU-SYSTEMS,<br />
traveled with German Chancellor Angela Merkel<br />
to China at the end of May. A central topic of<br />
the delegation was the protection of intellectual<br />
properties. Mr. Winzenried also presented information<br />
on a user-friendly Digital Rights Management<br />
(DRM) product in the German-Chinese high<br />
technology dialog forum, which was led <strong>by</strong> the<br />
German Economic Minister, Michael Glos.<br />
“Solutions for the protection of digital content<br />
are especially interesting for countries like China”,<br />
explained the CEO of WIBU-SYSTEMS. “On the<br />
one hand, the government is under international<br />
pressure to fight harder against the industrial<br />
production of illegally copied intellectual property.<br />
On the other hand, DRM solutions bring a lot<br />
of advantages for local software companies.”<br />
The Business <strong>Software</strong> Alliance (BSA) explained<br />
in a year end 2005 study, that China with ten<br />
percent less software piracy could create as<br />
many information technology jobs <strong>by</strong> 2009 as<br />
the USA has in the last thirty years. The information<br />
technology market would grow threefold.<br />
Mr. Winzenried closed his presentation with the<br />
fact: As the demand for WIBU products demonstrates<br />
that the Chinese software industry has<br />
realized the need for anti-piracy products.<br />
The copyright topic with the focus on technical<br />
software protection and licensing strategies<br />
was also the theme of the next event in China:<br />
that WIBU-SYSTEMS participated in. It was in<br />
mid September and the company had a workshop<br />
at CeBIT Asia in Shanghai. Prominent representatives<br />
from industry and academic research<br />
were getting informed about development and<br />
the potential of the IT market in China.<br />
<strong>Software</strong> <strong>Protection</strong> Days a Big Success<br />
From April to July 2006 we conducted “<strong>Software</strong> <strong>Protection</strong> Days” in<br />
Germany, Austria and Switzerland. These workshops combined product<br />
information and basic knowledge with live hacking demonstrations.<br />
We focused on a lot of topics: How do hackers work? How are protection<br />
mechanisms defeated <strong>by</strong> tools found on the Internet? Which solutions<br />
provide effective protection?<br />
The response from more than 300 attendants was positive in every respect: “I was surprised how<br />
easy protected software can be cracked and how safe and comparably easy <strong>CodeMeter</strong> avoids such<br />
cracks”, said Klaus Wörner from University Gießen-Friedberg.<br />
Ch. Krämer from IBIS GmbH in Endingen at Kaiserstuhl adds: “I liked the mix of lectures, detailed<br />
technical background information and live demonstrations. The two presenters answered a lot of<br />
questions, without losing the attention of about 20 to 25 people. On the other hand, the seminar<br />
content was just right for a free event.”<br />
The next workshop series with the topic “License Management” is currently in planning.<br />
3
<strong>Software</strong> <strong>Protection</strong>,<br />
<strong>Seen</strong> <strong>by</strong> a <strong>Hacker</strong><br />
4<br />
“Profit is not the only motivation for a<br />
hacker”, wrote Kris Kaspersky in his book<br />
<strong>Hacker</strong> Disassembling Uncovered. But<br />
that is the biggest motivation! The best<br />
known names in the hacker scene are<br />
very business orientated. Their motto<br />
seems to be: “I have enough knowledge<br />
and experience; I can make a lot of profit<br />
with little effort.”<br />
There are various ways to accomplish this:<br />
<strong>Hacker</strong>s offer their copied products for sale<br />
directly through online portals. Others are<br />
more subtle and offer their services for “undongleing”.<br />
Either way, such web sites are<br />
often professionally designed. Marketing is also<br />
part of the business: On many sites, you can find<br />
references about cracked software, and often<br />
demonstration versions are available too.<br />
How does a <strong>Hacker</strong> Proceed to<br />
Remove <strong>Software</strong> <strong>Protection</strong>?<br />
The experienced hacker uses an assortment of<br />
tools and methods. On the top of the list are:<br />
Memory Dumping<br />
Emulators (dummy drivers, record-/playback<br />
drivers and full-emulators)<br />
A Couple Of Byte Patches (ACOB)<br />
Example 1: Bypass the<br />
Serial Number<br />
Our first target is a game application, which<br />
can be downloaded from the Internet. The basic<br />
functions are available for free, but if the user<br />
wants to integrate his own pictures or music<br />
bits, he must buy the full version.<br />
In our case, the software developer used a<br />
simple protection scheme: The program file for<br />
the demonstration version and the full version<br />
is the same, but the additional paid features are<br />
activated via a personalized serial number.<br />
The experienced hacker foresees this and enters<br />
a random activation code. The result is an error<br />
message. This is the first start point. Then, the<br />
game is loaded into a debugger, e.g. OllyDebug,<br />
which is available for free and can be extended
y plug-ins. For example, one of the plug-ins<br />
makes the Win32-API function IsDebuggerPresent<br />
always return false. As a result, OllyDebug<br />
is now hidden from most of the debugger detection<br />
routines.<br />
Now, the hacker must find the real location in<br />
the game code. In our example, he sets a trigger<br />
to the error message display. This was done <strong>by</strong><br />
the MessageBox API function. By setting a<br />
breakpoint to the corresponding function code<br />
in the user32 module and after two or three<br />
returns, the hacker has detected the point of<br />
interest.<br />
With a tool like IDA pro, the game code can be<br />
disassembled and the location can be analyzed.<br />
In our example, the developer compares the<br />
content in the processor registers EAX and EBX;<br />
if identical, the license data is stored into the<br />
registry. Otherwise, on the next jump (JNZ...),<br />
the program jumps to the error message.<br />
Again, the software developer supports the<br />
hacker: In the EBX register, the wrong error<br />
code exists, and in the EAX register, there is the<br />
code expected <strong>by</strong> the software. The rest is easy:<br />
Save this code, continue in the debugger and<br />
enter the code found in the game. After that<br />
the software is “registered” and the hacker can<br />
use the game with all of its features. And its<br />
not just him: By this method, any serial number<br />
can be calculated and sold profitably.<br />
The example looks like an easy-to-do exercise<br />
for hackers, and for good reason: Many software<br />
developers make it too easy for hackers.<br />
To avoid boredom, a hacker could also crack it<br />
this way:<br />
1) Do a search of the error text and its references.<br />
2) Create an ACOB patch at the location of<br />
JNZ...; exchange <strong>by</strong> NOP; NOP.<br />
3) Analyze the call which is executed just before<br />
the comparison of EAX and EBX. Check<br />
the disassembler to see if this code is frequently<br />
referenced. Modify the called function<br />
code (ACOB) so that a fixed value is<br />
stored in EAX (example 0). Such a code could<br />
be MOV EAX, 0 - RET.<br />
Example 2: Removing of a Wrapper<br />
In this case study, the developer has put a<br />
wrapper around his compiled and linked software.<br />
The integration is very easy because the<br />
copy protection is added to the final executable<br />
file (.exe). In the original code, the developer<br />
has not changed anything.<br />
How does a wrapper work? The executable file<br />
is typically structured into several sections, aided<br />
<strong>by</strong> the PE (Portable Executable) header, which<br />
describes the size and the location of the sections<br />
and the OEP (Original Entry Point). The OEP is<br />
actually the start point of the application: After<br />
the executable file is loaded into the memory,<br />
its code is started here.<br />
The wrapper then encrypts all sections (with a<br />
few exceptions) and also adds a new section.<br />
Next, the OEP in the new PE header will be set<br />
to the start of this added section.<br />
After loading the software into the memory, the<br />
wrapper software starts first. If the correct license<br />
is available, the wrapper decrypts the encrypted<br />
sections and then branches to the old OEP.<br />
Here our hacker comes on stage: Just before the<br />
code in the OEP is executed, the entire program<br />
resides completely unencrypted in memory.<br />
Then, the hacker executes a memory dump. He<br />
then copies the content of the memory, <strong>by</strong>te <strong>by</strong><br />
<strong>by</strong>te back to the hard disk.<br />
Next, he stores the old OEP – where the processor<br />
just stopped – in the PE header and<br />
KNOW-HOW<br />
reconstructs the Import Address Table (IAT).<br />
The IAT tells the software how the latter communicates<br />
with the operating system: This is<br />
where all of the entry points into the Windows<br />
API are stored.<br />
For the Memory Dump, the hacker starts the<br />
Multi Generic Dumper (mgd). This tool loads<br />
the dump data into memory and tries to detect<br />
the OEP automatically. If this is successful, mgd<br />
stores the updated dump back to the hard disk.<br />
Should mgd unexpectedly fail, the hacker uses<br />
OllyDebug again, which supplies him or her<br />
with additional knowledge about the application.<br />
The option Trace real entry <strong>by</strong>tewise (very<br />
slow!) uses an autonomous function to find the<br />
OEP. If even this fails, the hacker can set a trigger<br />
to the activation and deactivation of the code<br />
memory write protection using the VirtualAlloc<br />
Win32 API function and then sets a break-onaccess<br />
breakpoint to the code segment.<br />
In the second step, our hacker starts the application<br />
and then an import reconstruction tool<br />
like ImpREC. Then he adds the protected application,<br />
enters the found OEP (the image base<br />
address, usually 0x400000, must be subtracted),<br />
and starts the IAT AutoSearch. Finally, he uses<br />
GetImports. For most of today’s wrapper technologies,<br />
the crack is nearly completed.<br />
If functions are not found <strong>by</strong> ImpREC (due to<br />
more complex copy protection), the hacker can<br />
select them manually or use an ImpREC plug<br />
in which finds the imports for a specific copy<br />
protection concealment.<br />
In the last step, the hacker starts the Fix Dump<br />
function and an executable is created without<br />
the wrapper. The result is an application without<br />
copy protection.<br />
In the next chapters, you can find out why the<br />
hacker will fail with applications, protected <strong>by</strong><br />
AxProtector or IxProtector. The methods we just<br />
explained do not work with our protection<br />
mechanisms.<br />
5
<strong>CodeMeter</strong> –<br />
New Technologies<br />
6<br />
<strong>Software</strong> developers have many alternatives<br />
to protect their software.<br />
To Make or to Buy?<br />
This is the first question which awaits an answer.<br />
Why not develop your own copy protection system?<br />
At first glance, it seems like the cheapest<br />
solution because no external product must be<br />
purchased and it seems individual enough that<br />
no standard hack from the Internet can be used.<br />
However, both assumptions are illusions: The<br />
self-made copy-protection development requires<br />
a lot of resources and even then your so called<br />
tricky solutions can be easily cheated with tools<br />
that are freely available on the Internet. Usually,<br />
only one employee is involved in the copy protection<br />
implementation. This also poses problems<br />
when he or she leaves the company. In the end,<br />
it is much better to concentrate on your own<br />
company’s strengths, and purchase a software<br />
protection solution.<br />
<strong>Software</strong>-Based or<br />
Hardware-Based <strong>Protection</strong>?<br />
This is the second important question: Is a pure<br />
software-based protection system better? It<br />
seems cheaper at first, because no hardware<br />
must be purchased and sent to the user. However,<br />
the protection level is low because the<br />
“protection hardware” that is used must be<br />
addressed via the operating system with well<br />
documented API functions – every hacker know<br />
all of them. Product activation (see box at right)<br />
provides only minimally higher protection and<br />
it is locked to a specific PC, eliminating license<br />
portability for the use.<br />
Why <strong>CodeMeter</strong>?<br />
<strong>CodeMeter</strong> unites the advantages of softwarebased<br />
activation and hardware-based protection.<br />
<strong>CodeMeter</strong> supplies several unique functionalities:<br />
Flexibility<br />
A thousand programs can be protected at once<br />
with a single CM-Stick. Many licensing models<br />
can be controlled <strong>by</strong> the CM-Stick without going<br />
to the expense of creating different code for<br />
the different license models like:<br />
Single user licenses<br />
Network licenses as “floating licenses” with<br />
a limit in the maximum concurrent use within<br />
this network.<br />
Test licenses with specific a number to restrict<br />
when the program starts.<br />
Rent or leasing licenses for a specific time<br />
with Expiration and/or Activation Date.<br />
Pay-per-use licenses, for example payment per<br />
clicks or <strong>by</strong> the number of executed features<br />
Modular licenses for optional modules<br />
Demo versions and try-before-you buy versions<br />
Licenses in a CM-Stick are activated at user’s<br />
site <strong>by</strong> a secure file based Field Activation or via<br />
Internet with our SOAP based CM-Talk protocol<br />
to a web server.<br />
<strong>CodeMeter</strong>, users do not need to install kernel<br />
drivers and do not need administrator rights.<br />
Security<br />
Patented methods for sharing a CM-Stick with<br />
many software companies. By using your<br />
own secret key. It’s even secure from WIBU-<br />
SYSTEMS and we invented the system.<br />
Variation of the encryption during runtime<br />
and encrypted USB communication between<br />
CM-Stick and the PC.<br />
<strong>Protection</strong> against hardware attacks<br />
Permanent locking of the <strong>CodeMeter</strong> hardware<br />
after detection of cracking attempts.<br />
Anti-Debugging-mechanisms in the protected<br />
software<br />
Time certificates for safe handling of activation<br />
and expiration times.<br />
Encryption of executable code and resources<br />
which are only decrypted in the PC’s RAM.
Even there, the program is never completely<br />
decrypted.<br />
Security that has never been broken in three<br />
advertised <strong>Hacker</strong> Contests<br />
Special Features for Users<br />
CM Password Manager<br />
Steganos Safe <strong>CodeMeter</strong> Edition: File <strong>Protection</strong><br />
with virtual drive, the key is stored<br />
in the CM-Stick<br />
SecuriKey: The CM-Stick is used as an access-control<br />
key for the PC<br />
Up to 2 GByte of flash memory in the CM-<br />
Stick/M variant to store access protected<br />
files on the CM-Stick/M or to store applications<br />
which use the <strong>CodeMeter</strong> security<br />
features in a mobile world.<br />
Easy Integration<br />
Our AxProtector tool provides protection automatically<br />
without of the need to modify any<br />
source code. It’s easy and only takes a couple<br />
of minutes. This tool works with 32-bit and<br />
64-bit Windows, .NET 1.1 and 2.0, MacOS X<br />
and Java. Many license models and individual<br />
user messages provide the highest flexibility<br />
available.<br />
Our IxProtector tool combines the flexibility<br />
source code modification with the highest antihacker<br />
security on the market. These sophisticated<br />
tools permit an easy integration of modular<br />
protection with encryption of code and resources<br />
with no need to know the complex protection<br />
schemes in the background.<br />
The API Guide code generator creates API sample<br />
code for C, C++, C#, VB6, VB.NET, Delphi and<br />
Java – code which can be easily integrated into<br />
your application.<br />
A single application file can be protected <strong>by</strong><br />
WibuKey or <strong>CodeMeter</strong>: Existing WibuKey<br />
customers can continue to use them for their<br />
existing users, but their new customers can gain<br />
advantages from the <strong>CodeMeter</strong> technology.<br />
Why is <strong>CodeMeter</strong> so<br />
cost effective?<br />
The startup costs are just 200 J for the complete<br />
software, documentation, an individual<br />
Firm Code and the first CM-Stick.<br />
The concept of storing licenses from many software<br />
companies for more than 1000 individual<br />
products in a single CM-Stick makes <strong>CodeMeter</strong><br />
a good choice for low-cost software and is a real<br />
alternative to software-based product activation.<br />
Two price models provide high flexibility: The<br />
“flat rate” with a universal license or a number<br />
of inexpensive flexible licenses.<br />
Activation with <strong>CodeMeter</strong><br />
Fully-automatic license transfer after registration.<br />
The high protection of the application forbids<br />
successful use without registration. No<br />
misuse of goodwill activations.<br />
Secure registration <strong>by</strong> public key cryptography<br />
– from the software publisher until<br />
to the CM-Stick at user site.<br />
License portability. The user can install the<br />
application on several PCs but can only use<br />
it on the system where the correct CM-Stick<br />
is attached.<br />
License backup feature at the user site is a<br />
safe warranty against loss or defect of a<br />
CM-Stick.<br />
A return of a license is possible without restrictions<br />
and without safety limitations.<br />
A license transfer from one CM-Stick to<br />
another is possible but, only under control<br />
of the <strong>Software</strong> publisher who can then<br />
register the new user.<br />
P R O D U C T<br />
What is Product Activation?<br />
The user installs software on his PC and usually<br />
enters a serial number. The protected software<br />
calculates a “finger print” of the specific PC’s<br />
hardware and sends this, usually via the Internet,<br />
to the software company, which calculates<br />
a corresponding “Activation Code”. Because the<br />
finger print is different for each PC, the activation<br />
code can be used only with this PC.<br />
7
AxProtector –<br />
Automatic <strong>Protection</strong><br />
8<br />
<strong>Software</strong> protected <strong>by</strong> traditional wrappers<br />
and software based copy protection<br />
schemes provide the hacker with his<br />
“Grand Opening”. Why? Because the<br />
“protected” program is completely decrypted<br />
in the memory just before it is<br />
started, and can usually be cracked easily<br />
with standard tools. If the tools are not<br />
powerful enough, the hacker can extend<br />
the power with his own plug-ins. This is<br />
a job for AxProtector!<br />
AxProtector goes into action against the hacker<br />
with the following processes:<br />
Modification of the original code<br />
Disguising the IAT<br />
On Demand Encryption<br />
The CM-Stick locks if a debugger is detected<br />
Principally, AxProtector works like a classic<br />
wrapper: It creates a new section, the AxEngine,<br />
which is attached to the original application<br />
code and all its sections are encrypted.<br />
Additionally, AxProtector disassembles the<br />
software to be protected and inserts jumps to<br />
the AxEngine. This creates a firm union between<br />
the software and wrapper.<br />
Beyond this modification the AxProtector dis-<br />
guises the IAT (Import Address Table) to aggravate<br />
its reconstruction using tools like ImpREC.<br />
The strongest weapon of the AxProtector is On-<br />
Demand Decryption: Parts of the protected application<br />
remain encrypted in the memory even<br />
after the application starts. These parts are<br />
decrypted only when actually accessed <strong>by</strong> the<br />
application.<br />
The attack described in the article “<strong>Software</strong><br />
<strong>Protection</strong>, <strong>Seen</strong> <strong>by</strong> a <strong>Hacker</strong>” does not work<br />
with AxProtector: The hacker has to manually<br />
analyze the software with a debugger and disassembler.<br />
Known automatic methods fail.<br />
With AxProtector, even if the hacker employs different<br />
methods, he ends up banging his head<br />
against a brick wall: AxEngine contains many
defense strategies against all typical attack<br />
methods. Depending on the selected option,<br />
such an attack could lead to the system locking<br />
all of the licenses <strong>by</strong> that software publisher in<br />
the CM-Stick. The locked licenses can only be<br />
reactivated remotely. It depends on the discretion<br />
of the publisher if this reactivation happens and<br />
how frequently.<br />
Using AxProtector<br />
AxProtector will be integrated into an application<br />
via an easy to use Graphical User Interface.<br />
The perfect software protection is realized in<br />
six steps:<br />
1) Select the file: Which file should be protected<br />
and where it should be saved?<br />
2) Select the type of hardware: <strong>CodeMeter</strong>, Wibu-<br />
Key or even both? Which license items (Firm<br />
Code, Product/User Code) are required for the<br />
protected application?<br />
3) License allocation: How does the application<br />
search the protection hardware? Is it local,<br />
network-based or both and how should<br />
licenses be utilized?<br />
4) Runtime setting: How does the application<br />
access the hardware during execution? How<br />
frequently is a check desired? Should license<br />
violations be displayed as warnings or stop<br />
the program?<br />
5) Security options: Some options are incompatible<br />
with the software that is protected,<br />
so most of the security options can be individually<br />
deactivated.<br />
6) Error messages: Should standard error message<br />
boxes be used, or should messages be<br />
customized? Example: “This module is not<br />
activated. If you would like to buy it, please<br />
click here.”<br />
The last page of the GUI application provides<br />
you with an overview of all selected options.<br />
Finally you have to plug the FSB (Firm Security<br />
Box) to your PC, click “Finish” and the software<br />
protection is completely done!<br />
The output window shows a summary of the<br />
used protection scheme. All command line<br />
options are also listed here. These can be used<br />
optionally in a batch file or in a makefile to<br />
integrate the software protection directly into<br />
your automatic build process.<br />
License Management with<br />
AxProtector<br />
AxProtector automatically integrates all license<br />
forms into the software. The specific license<br />
model depends on the programming of the CM-<br />
Stick: All customers can receive the same<br />
executable file, so identical CDs are always<br />
burned – along with individually programmed<br />
CM-Sticks.<br />
Example: Time-restricted<br />
Demo Version<br />
For this option, the CM-Stick receives an Expiration<br />
Time option. The software can be used<br />
without restriction until the specified time. After<br />
that it can no longer be started.<br />
If the user wants to buy the software, the CM-<br />
Stick can be quickly reactivated – just <strong>by</strong> deleting<br />
the Expiration Time option. Field Activation<br />
(Remote Programming) handles this operation<br />
– the user never has to send back his CM-Stick<br />
(or WIBU-BOX).<br />
As an alternative, a Unit Counter can be used:<br />
It does not limit the absolute time, rather the<br />
number of executions or the total time of application<br />
execution. Unit Counters and Expiration<br />
Times can also be used at the same time to<br />
supply absolute and execution-based time<br />
restrictions.<br />
P R O D U C T<br />
Example: Network Licenses<br />
If the user wants to use a software product with<br />
a floating license in a network, it is easy to program<br />
a license counter into the CM-Stick.<br />
The user can plug the CM-Stick in at any PC in<br />
his or her network and activate it via the Web-<br />
Admin the License Server option. The License<br />
Server is integrated as a part of the <strong>CodeMeter</strong><br />
Runtime Kit. The software can now be started<br />
from any computer on the network, but limited<br />
in quantity <strong>by</strong> the license counter.<br />
One Hardware Type for<br />
all Purposes<br />
Each CM-Stick contains a simulated real-time<br />
and can contain more than 1000 Unit and License<br />
Counter. A simple programming operation is all<br />
it takes to utilize many different license types<br />
for any kind of application.<br />
A CM-Stick can store more than 1000 licenses<br />
from different software publishers. If a user already<br />
has a CM-Stick, Field Activation can be<br />
used for new licenses – no new hardware is<br />
required.<br />
Field Activation can be file based (with an exchange<br />
of a Context File and a Update File) or<br />
protocol based, using the SOAP protocol and<br />
a web service.<br />
9
IxProtector – Integration<br />
into the Source Code<br />
10<br />
The AxProctector puts high security at<br />
your fingertips in just minutes. In many<br />
situations, this is the perfect software<br />
protection. If you want even more customized<br />
protection, then we have IxProtector.<br />
IxProtector for Modular <strong>Protection</strong><br />
The IxProtector protects different modules in<br />
an application with different licenses. This<br />
means that there is a single file for all customers,<br />
and the user can use the activated features<br />
which are programmed into the CM-Stick.<br />
Modules can be defined up to single functions<br />
in the source.<br />
IxProtector for Pay-per-Use<br />
IxProtector permits the setup of Pay-per-Use individually<br />
for different modules – they can use<br />
a shared Unit Counter with different “cost<br />
factors“ or use several independent Counters.<br />
If an unrestricted module is needed, the accessed<br />
Unit Counter can be removed from the<br />
CM-Stick (see AxProtector). The protected file<br />
does not require any modification.<br />
IxProtector for More Security<br />
The IxProtector encrypts single ranges of executable<br />
code. The developer decides when the<br />
code is decrypted before it is used. After use,<br />
the code can be encrypted again. This On-Demand-Decryption<br />
schema is very individual and<br />
difficult to understand for a hacker.<br />
WIBU Universal <strong>Protection</strong> Interface<br />
The IxProtector contains the WupiEngine32.dll.<br />
It supplies the WIBU Universal <strong>Protection</strong> Interface<br />
(WUPI) with the IxProtector functions.
WUPI permits the access of the <strong>CodeMeter</strong> and<br />
WibuKey hardware at same time without their<br />
different and unique native APIs. Licenses can<br />
be defined so they can use a <strong>CodeMeter</strong> Product<br />
Code or a WibuKey User Code.<br />
WupiAllocateLicense can access <strong>CodeMeter</strong> or<br />
WibuKey licenses locally or on the network. Wupi-<br />
FreeLicense releases it again. WupiCheckLicense<br />
just checks if a specific License is actually available<br />
in a CM-Stick or WIBU-BOX.<br />
WupiDecryptCode permits the decryption of an<br />
encrypted range of code or data. After execution<br />
or use, the code or data can be encrypted again<br />
with WupiEncryptCode.<br />
WupiDecreaseUnitCounter implements the individual<br />
count down of a Unit Counter (or WibuKey<br />
Limit Counter).<br />
The WupiEngine32.dll contains all functions only<br />
as dummies. They do not execute any encryption<br />
or decryption but always return “completed”.<br />
These dummies allow an unencrypted application<br />
to be loaded in a debugger and tested without<br />
restriction.<br />
Define a License<br />
The developer has to define licenses which are<br />
used to fulfill an encryption or decryption.<br />
A license with name General, requiring a CM-<br />
Stick with Firm Code 100225 and Product Code<br />
295 or a WIBU-BOX with Firm Code 2194 and<br />
User Code 478 is defined as follow:<br />
This permits the definition of encryption options,<br />
which are attached to Areas. Here is an example<br />
where an area with the name Std, uses the<br />
General license.<br />
Last but not least, we need a definition of the<br />
functions which define the modules to be protected<br />
and which should be encrypted. The following<br />
example encrypts two methods. In DrawFractal,<br />
the first 16 <strong>by</strong>tes are encrypted, and in FillDialog<br />
the first 32 <strong>by</strong>tes are encrypted. Both functions<br />
use the Std area and the General license.<br />
P R O D U C T<br />
Finally we need a header structure which connects<br />
all of this information:<br />
Encrypt the <strong>Software</strong><br />
Now the software will be encrypted <strong>by</strong> AxProtector<br />
(which actually also implements the<br />
IxProtector). The IxProtector encrypts the defined<br />
code or data ranges and the WupiEngine32.dll<br />
dummy is replaced <strong>by</strong> the real IxEngine with<br />
secure code and supplied <strong>by</strong> the IxProtector.<br />
Add the Native API<br />
Beyond WUPI, the native <strong>CodeMeter</strong> and Wibu-<br />
Key APIs can be used also. Field Activation, for<br />
example, can be directly integrated into the<br />
application, and the LED at the CM-Stick can<br />
be switched on and off.<br />
To use the CM-API more easily, the desired API<br />
calls can be interactively defined in the CM-API-<br />
Guide creating easy-to-integrate native code in<br />
all modern programming languages.<br />
11
SmartShelter|PDF and<br />
SmartShelter|Media<br />
12<br />
P R O D U C T<br />
The SmartShelter product family has received two recent additions: SmartShelter|PDF<br />
to protect PDF documents and SmartShelter|Media to protect video and audio files.<br />
SmartShelter|PDF<br />
The PDF standard permits 40-bit or 128-bit<br />
document encryption and the setting of restrictions<br />
to modify, copy, print, etc. But these<br />
protection mechanisms can be defeated with<br />
easy-to-use tools from the Internet. Better encryption<br />
was not available until Acrobat Reader<br />
5 and documents protected with older versions<br />
cannot be defined as “hacker-safe”. Newer<br />
Acrobat products support strong encryption but<br />
if the password is lost, the document content<br />
is lost forever.<br />
All these obstacles are overcome with Smart-<br />
Shelter|PDF from WIBU-SYSTEMS. First a plugin<br />
is integrated into Acrobat or Acrobat Reader.<br />
Passwords are no longer entered via the Adobe<br />
software but are now supplied from the attached<br />
CM-Stick or WIBU-BOX. The desired document<br />
is encrypted with a 32-character random key-<br />
word. Whoever wants to read the document<br />
needs both the Acrobat plug-In and the CM-<br />
Stick or the WIBU-BOX.<br />
This protection method has a lot of advantages:<br />
The document is protected with a strong password<br />
which is randomly created. And each PDF<br />
file will receive a unique password. These Long<br />
and randomly generated character sequences<br />
make password cracking much more difficult.<br />
On the other hand, people who create or read<br />
the document no longer need to bother with<br />
password management. The passwords are<br />
read automatically from the protection hardware<br />
and cannot get lost.<br />
SmartShelter|PDF is very useful for the batchoperation<br />
in Adobe Acrobat, where a lot of PDF<br />
files are created automatically. In the same<br />
manner SmartShelter|PDF permits the encryption<br />
of a bunch of files automatically.<br />
SmartShelter|Media<br />
After cracking the DVD encryption standard CSS<br />
in the fall of 1999, the encryption experts had<br />
their fun: The crack showed a serious design<br />
flaw. The player key which is required to playback<br />
the encrypted DVD was stored completely<br />
in the code in the RAM and could be easily<br />
hacked from there.<br />
This situation is prevented <strong>by</strong> using Smart-<br />
Shelter|Media. The decision to encrypt video<br />
and audio files with <strong>CodeMeter</strong> technologies<br />
guarantees that required information will never<br />
again be completely available in memory unencrypted.<br />
The principle is this: After specifying the license<br />
parameters the SmartShelter|Media Archive Tool<br />
encrypts the media data in several blocks and<br />
stores them in the archive file. All extended<br />
security functions of <strong>CodeMeter</strong>; like checking<br />
an expiration time or reducing a Unit Counter<br />
can be activated during the encryption. Archive<br />
Files also allow the storing of several files.<br />
The encrypted archive file can be played back<br />
only via the SmartShelter|Media Player. This<br />
requires a CM-Stick with the suitable license.<br />
The player reads the file block <strong>by</strong> block and then<br />
each block is decrypted <strong>by</strong> the CM-Stick and<br />
played. If the CM-Stick is unplugged the playing<br />
stops immediately. Therefore at no time is the<br />
media data completely unencrypted in memory<br />
where a hacker could start an attack.<br />
SmartShelter|Media supports the common audio<br />
and video formats, including MP3, WAV, MPEG<br />
and AVI. Videos can be played back in the full<br />
screen version.
Briefly Presented<br />
New <strong>CodeMeter</strong> WebAdmin<br />
The <strong>CodeMeter</strong> WebAdmin has received a new design in version 3. Settings are now easily chosen<br />
and license and user data is clearly displayed. Useful for developers and system administrators and<br />
also for end users who use <strong>CodeMeter</strong>-licensed software!<br />
Patents for <strong>CodeMeter</strong><br />
The first patent “Procedure for the protection of<br />
computer software and/or computer-readable<br />
data as well as protective equipment” was<br />
granted in Europe in 2005. Patents were granted<br />
in Japan in the beginning of 2006. In September<br />
of this year patents were also granted in the<br />
USA. Important further<br />
patent applications are<br />
pending worldwide.<br />
WibuKey Microsoft-Certified<br />
The WibuKey Driver now qualifies for Microsoft’s<br />
prestigious Windows Logo Program. USB style<br />
WIBU-BOXes now qualify under WHQL<br />
certification. Knowledgeable users<br />
understand these certifications and<br />
trust hardware that earns them.<br />
<strong>CodeMeter</strong> <strong>Software</strong> 3.10 available<br />
Many enhancements are part of <strong>CodeMeter</strong> <strong>Software</strong><br />
version 3.10: Improved detection of the<br />
CM-Stick, 64-bit support, protection for Java applications<br />
and much more. The automatic .NET protection<br />
is redesigned at the moment and will be<br />
available in the next product version release.<br />
Easier update of CM-Sticks per file<br />
To create a license or to update items, it is no<br />
longer a requirement that the CM-Stick be at the<br />
licensor site. This can also happen at the user<br />
site with CM-Talk via the Internet or <strong>by</strong> sending<br />
a WibuCmRaU update file. In the past the user<br />
always had to create a new WibuCmRaC context<br />
file before each modification. In the new system<br />
the licensor can create the new WibuCmRaM file<br />
which describes the new context after the modification<br />
at user site and can be used to create the<br />
next WibuCmRamU update file. This significantly<br />
simplifies the repeated update of software.<br />
CM-Card now available<br />
The CM-Card, product number 1020-01, combines<br />
the WIBU-BOX/+, a CM-Stick and 256<br />
MByte flash memory in a single CardBus card<br />
which can be used in all modern notebooks. The<br />
CM-Card is RoHS compliant and replaces the<br />
WIBU-BOX/M. It will be available in larger quantities<br />
in 4th quarter of 2006.<br />
BILLBOARD<br />
CM-Stick/M also with 2 GB memory<br />
The CM-Stick/M 2 GB, product number 1011-01-<br />
105, is also coming in 4th quarter of 2006. Because<br />
of dropping memory prices, the CM-Stick/<br />
M 256 is available for the same price as the CM-<br />
Stick/M 128, which is no longer in production.<br />
eBooks in <strong>CodeMeter</strong> Portal<br />
Electronic versions of many books <strong>by</strong> Franzis Publishing<br />
are available as <strong>CodeMeter</strong>-protected<br />
PDF files at www.codemeter.de. The eBooks are<br />
much cheaper than the printed books and available<br />
24 hours a day, 7 days a week. This is a<br />
good example for using <strong>CodeMeter</strong> to protect<br />
documents in the low cost market.<br />
Fairs and Events in Fall<br />
Germany: SYSTEMS<br />
Hall A4, Booth 15,<br />
October 23-27, 2006, Munich<br />
United Kingdom: ESWC European<br />
Shareware Conference<br />
November 4-5, 2006, Cambridge<br />
Germany: PRIO Conference<br />
November 15-16, 2006, Baden-Baden<br />
USA: SoftSummit<br />
(www.softsummit.com),<br />
November 17-18, 2006, Santa Clara<br />
USA: Free <strong>Software</strong> <strong>Protection</strong> Days,<br />
half day workshops in different locations<br />
across the USA and Canada: Detailed<br />
information at www.wibu.us/protdays<br />
United Kingdom: DevWeek 2007<br />
February 26-March 2, 2007, London<br />
<strong>Software</strong> <strong>Protection</strong> Days are also planned<br />
for Belgium, The Netherlands, United Kingdom<br />
and Ireland: Between October 2006<br />
and June 2007 there will be 30 events at<br />
many different locations, see details at the<br />
last page of this KEYnote magazine.<br />
13
14<br />
CASE STUDY<br />
We have changed to<br />
<strong>CodeMeter</strong><br />
“We decided on <strong>CodeMeter</strong> because we have<br />
had a great experience with WibuKey for many<br />
years. With our expansion into new markets,<br />
we can use the flexible licensing possibilities<br />
and the memory option of <strong>CodeMeter</strong>. The time<br />
server functions used in combination with an<br />
optional locking feature of <strong>CodeMeter</strong> has especially<br />
convinced us to also ship our products<br />
to Asian markets.”<br />
Peter Fürle<br />
CEO elusoft GmbH, Dettenhausen, Germany<br />
“eSim Games selected WIBU <strong>CodeMeter</strong>, because<br />
it is both customer-friendly and very secure<br />
at same time. <strong>CodeMeter</strong>-protected applications<br />
permit backups and eliminate involved and unreliable<br />
CD-ROM checks, which are laughed at<br />
<strong>by</strong> hackers and a disadvantage for honest customers.<br />
We wanted to reward the honesty of our<br />
customers. That is why we chose this solution.”<br />
Nils Hinrichsen<br />
CEO, eSim Games Deutschland GmbH<br />
“After a long and detailed testing phase we decided<br />
for <strong>CodeMeter</strong> for the software protection<br />
of our SQL-Line. Important in this decision was<br />
the network functionality of <strong>CodeMeter</strong> which<br />
permits, with one dongle the control of network<br />
licenses without further efforts. The remote programming<br />
of <strong>CodeMeter</strong> was also an important<br />
point. For integration decisions in our products,<br />
not only was general support available, but Mr.<br />
Kügler as a Delphi expert was also available to<br />
answer all our questions – an important advantage!”<br />
Arno Freisinger<br />
CEO, AFS-<strong>Software</strong> GmbH & Co KG,<br />
Bad Hersfeld, Germany<br />
“We were searching for a very flexible solution for the world-wide<br />
users of our traffic planning software, PTV Vision – <strong>CodeMeter</strong><br />
fulfills all our requirements including license management on<br />
our site, licensing on a single PC or on a user’s network.”<br />
Dr. Hans Hubschneider<br />
CEO PTV AG, Karlsruhe, Germany<br />
“We have decided to use <strong>CodeMeter</strong> to protect our investments<br />
in the professional Samplitude and Sequoia audio software. We<br />
are especially pleased with the many marketing options made<br />
possible <strong>by</strong> using the CM-Stick to manage many different licensing<br />
models”.<br />
Tilmann Herberger<br />
CTO, Magix AG, Dresden, Germany<br />
“Among the many options of software licensing,<br />
the CM-Stick fit best with our existing concept.<br />
We were looking for a successor product of our<br />
former hardware-based license system which<br />
was no longer available. By its many available<br />
standard functions, we could integrate CM-Stick<br />
with minimal effort in our software. And last<br />
but not least the effective and fast answers to<br />
questions and solutions to problems was a<br />
decisive factor for WIBU. And the decision was<br />
no mistake!<br />
Christof Brügger<br />
Technical Support & Process, Alcatel SEL AG,<br />
Stuttgart, Germany
Get the advantages of <strong>Software</strong> <strong>Protection</strong><br />
while playing: Simulation software<br />
of eSim Games uses <strong>CodeMeter</strong><br />
eSim Games is an independent developer in<br />
the market of “serious military games”. These<br />
are applications, designed using methods and<br />
technologies, which support “revealed learning<br />
strategies”. This means the user discovers the<br />
rules of the education subject <strong>by</strong> playfully varying<br />
its behavior.<br />
The market for military educational software has<br />
a comparatively long tradition. The considerable<br />
progress in the power of PC calculation coupled<br />
with graphic power now permit the cost reduction<br />
potential of Serious Games and also creates<br />
new areas of application for simulation and<br />
computer games.<br />
For example, classic battle simulators for three<br />
or four tank crews were sold 15 years ago for<br />
several million Deutschmark. In contrast the<br />
“Steel Beasts Professional” (“SB Pro”) provides<br />
the same functionality for less than 5000 J per<br />
user today – as long as the exact reproduction<br />
of the battle field and its complete instrumentation<br />
is not required.<br />
With the “Personal Edition” of Steel Beasts Professional<br />
(“SB Pro PE”) eSim is going even further:<br />
For about 100 J anyone can buy the software<br />
and use it on his or her private PC. So now they<br />
Steel Beasts of<br />
eSim Games<br />
get very close to the price of normal computer<br />
games.<br />
But: Such low prices are only possible if software<br />
piracy is out of the question. Otherwise<br />
the revenue loss from illegal copies has to be<br />
added into the price.<br />
Normal copy protection for computer games<br />
was never worthwhile in this context. Instead,<br />
unnecessary procedures are imposed on the<br />
customer which even threaten the integrity of<br />
the computer system.<br />
By using CM-Stick for “SB Pro PE” eSim Games<br />
will intentionally set an example especially for<br />
independent and small development companies:<br />
Alternatives to common copy protection<br />
is possible, the privacy of the customer is guaranteed<br />
and everybody can learn how to use<br />
<strong>CodeMeter</strong> quickly and easily.<br />
Especially if <strong>CodeMeter</strong> is already available at<br />
the customer site, the cost stays in the cost<br />
range of traditional copy protection, but the<br />
protection is much better. Also, the <strong>CodeMeter</strong><br />
portal provides a risk free digital distribution<br />
channel which can be used at the same time<br />
as other channels.<br />
Moreover, <strong>CodeMeter</strong> permits very flexible<br />
license models which are geared to individual<br />
unique requirements. The customers of eSim<br />
Games normally use only a limited number of<br />
licenses for daily education. But sometimes, extensive<br />
maneuvers are simulated.<br />
For such requirement peaks, the game developer<br />
offers temporary licenses: For a fraction of the<br />
cost of a full license another potential revenue<br />
source is available. And as free-of-charge service<br />
offers they support the company to easily find<br />
their profile in the market.<br />
<strong>CodeMeter</strong> does the job for<br />
eSim’s Steel Beasts Professional.<br />
CASE STUDY<br />
15
Perfect Consulting for You…<br />
Free <strong>Software</strong> <strong>Protection</strong> Days 2006<br />
Beginning in October 2006, WIBU-SYSTEMS USA will tour North America to help you protect your code<br />
against illegal use and reverse engineering. Register now for one of our “Lunch & Learn” seminars and<br />
receive a complimentary <strong>CodeMeter</strong> Developer’s Kit with 256 MB secure flash memory (worth $149). Meet<br />
us at one of the following locations in USA and Canada:<br />
Oct 19: San Jose, CA<br />
Oct 20: San Francisco, CA<br />
Oct 31: Chicago, IL<br />
Nov 1: St. Louis, MO<br />
Nov 2: Kansas City, KS<br />
Nov 7: Atlanta, GA<br />
Nov 8: Dallas, Ft Worth, TX<br />
Nov 9: Houston, TX<br />
Nov 15: Baltimore, MD<br />
Secure Code seminars 2006/2007<br />
WIBU-SYSTEMS is offering you the opportunity to attend a special seminar on the protection of your code<br />
against illegal usage and reverse engineering. Register now for one of the 30 Secure Code seminars in Belgium,<br />
The Netherlands, UK and Ireland and receive a complimentary <strong>CodeMeter</strong> Developer’s Kit with 256 MByte<br />
secure flash memory, worth J 125/£ 87.<br />
The agenda is as follows:<br />
Registration, buffet and coffee/tea<br />
Defend applications against code-cracking tools<br />
<strong>CodeMeter</strong> and WIBU-BOX<br />
Pause<br />
Content protection and Web-authentication<br />
Live demo of protection code<br />
Drinks<br />
Detailed information registration at www.wibu-systems.nl, www.wibu.be or www.wibu.co.uk.<br />
Utrecht, NL, 31.10.2006<br />
Edinburgh, UK, 08.11.2006<br />
Den Haag, NL, 14.11.2006<br />
Tonbridge, UK, 21.11.2006<br />
Birmingham, UK, 29.11.2006<br />
Leeds, UK, 06.12.2006<br />
Belfast, UK, 13.12.2006<br />
Nov 16: New York City, NT<br />
Nov 17: Boston, MA<br />
Nov 20: Los Angeles, CA<br />
Nov 21: Salt Lake City, UT<br />
Dec 6: Toronto, ON<br />
Dec 7: Montreal, PQ<br />
Detailed information at:<br />
www.wibu.us/protdays<br />
Norwich, UK, 24.01.2007<br />
Cardiff, UK, 07.02.2007<br />
Gent, BE, 13.02.2007<br />
Guildford, UK, 20.02.2007<br />
Sheffield, UK, 07.03.2007<br />
Antwerpen, BE, 14.03.2007<br />
Dublin, IE, 28.03.2007<br />
Glasgow, UK, 04.04.2007<br />
Oxford, UK, 18.04.2007<br />
Amsterdam, NL, 25.04.2007<br />
Hammersmith, UK, 23.05.2007<br />
Liverpool, UK, 30.05.2007<br />
Eindhoven, NL, 05.06.2007<br />
London, UK, 12.06.2007<br />
Further trainings are offered on site and at our German headquarters. See more information<br />
at www.wibu.de/trainings.php. Training in other countries on request.<br />
C O U R S E S<br />
Imprint<br />
KEYnote<br />
12th edition, fall 2006<br />
Publisher:<br />
WIBU-SYSTEMS AG<br />
Rueppurrer Strasse 52-54<br />
76137 Karlsruhe, Germany<br />
Phone +49 721 93172-0<br />
Fax +49 721 93172-22<br />
info@wibu.de<br />
www.wibu.de<br />
Responsible for the<br />
Contents:<br />
Oliver Winzenried<br />
Editors:<br />
Marcellus Buchheit<br />
Nils Hinrichsen<br />
Rüdiger Kügler<br />
Stefan Nikolaus<br />
Oliver Winzenried<br />
Design und Produktion:<br />
Art Crash<br />
Werbeagentur GmbH<br />
Weberstrasse 9<br />
76133 Karlsruhe, Germany<br />
www.artcrash.com<br />
Letters are welcome at any<br />
time. They are protected <strong>by</strong><br />
the press secret. Articles<br />
identified <strong>by</strong> name do not<br />
necessarily reflect the opinion<br />
of the editors.<br />
WIBU, <strong>CodeMeter</strong> and SmartShelter<br />
are international trademarks of WIBU-<br />
SYSTEMS. All other trademarks belong<br />
to their respective holders. © 2006<br />
WIBU-SYSTEMS. All rights reserved.