
View Full Version : Securing GSM Programs/remote authorization


Ice Dragon
08-03-2001, 04:57
"For GSM developers, a suggestion:

Most programs are secured with dongles like that of Dejan's, Hardlocks, HASP, etc. This has proved to be very difficult to crack/hack, if not "uncrackable".

Programmers who don't have that much to dongle-protect their programs tend to put registration-key access on their programs, which is crackable. And most customers with hacker instinct or with generous tendencies give away their registration keys to anybody they like, which in turn is a loss to the programmer. Or worse, they buy/register the soft for, for example, US$25 and resell it to their customers for about US$15 with the agreement that the customers use his registration ID and that any complaints or requests for support or upgrades should be addressed to him, which he in turn passes to the developer/producer. Still, it's the programmer's/developer's loss. He only has, say, 50 legal customers but his program is being used by more than 200.

One also can't blame the developers if they ask for a subscription or pay-as-you-use-the-feature (like that of Dejan 1.04) so that the developer can monitor the use of his legally registered program by his clients.

Okay, that said, let's say we developed a Windows-based Flasher for use with AMD computers and laptops with MCU/PPM update feature, but we don't have that much resources for a dongle-secured program or just want to gain more income by not investing in a dongle.

Instead, use an old Intel Pentium 133 computer that runs Windows 95, connected to a Nokia 5110 via a data cable, for remote authorization by:

Registering:
1. Let the program be downloadable from the internet.
2. Program is installed and asks to be connected to a Flasher interface for registration.
3. Using the MBUS protocol, program sends an SMS via the Flasher interface containing the phone's mobile number together with the registrant's name and email address in the format:
FLASHBOX /+639101234567 /Ice Dragon /icedraagon@yahoo.com
to a designated mobile number.
4. Remote computer receives the SMS, logs the message and sends the compressed data to the registrant.
5. Registrant receives the message but it can't be displayed ("Message cannot be displayed here"), then he lets it stay in his SIM's inbox, taking care not to accidentally erase it. This will act as his registration code to use the program.

Note: SMS messages sent/received:
(RC-remote computer, EU-end user)
EU->RC:1
RC->EU:1

Using the program:
1. End-user transfers the SIM to the phone he wants to flash.
2. Program checks how many times it has successfully flashed phones. If it reaches the maximum number of units flashed, program asks the user to update his subscription to continue using the program.
3. If maximum is not reached or subscription has not expired, program sends an SMS containing the current phone's IMEI to the designated mobile number.
4. Remote computer checks the sender's mobile number against its list and checks how many times it has successfully flashed phones. If maximum number was reached or subscription has expired, remote computer ignores the request but logs the incident.
5. If subscription has not yet expired, computer logs the request, sends an SMS with the authorization code for the IMEI number and puts a flag to increment the number of phones successfully flashed.
6. Program decodes the authorization code from the phone, rechecks the IMEI number and flashing resumes.
7. If flashing fails, program sends an SMS to hold the updating of the number of phones flashed. Remote computer logs the incident and waits for the final outcome. Flashing retries until program has successfully flashed the phone.
8. If flashing is successful or has been cancelled, program resends the authorization code to the designated mobile number and increments the number of phones flashed, then removes the authorization message from the SIM's inbox.
9. Remote computer receives the SMS as acknowledgement and officially updates the number of phones flashed. An SMS is sent containing an update of the number of phones flashed. If the number is reached or subscription expires, an SMS is sent only once stating subscription has expired and any communication should be done by email. Remote computer also sends the log to the email address of the end-user for his file.

Note: SMS messages sent/received per unit flashed:
(RC-remote computer, EU-end user)
EU->RC:3
RC->EU:2

This setup uses the SIM as the "Subscriber Identification Module for Remote Authorization" (SIMRA) and does away with the dongle protection.

Suggested start capital for project: US$800

Project cost (MSP rate depends on every country):

Remote computer for authorization (low budget: Intel P133 with 32MB RAM and 4GB hard disk, Uninterruptible Power Supply (UPS), Nokia 5110 with data cable):
US$700

Monthly cost:
Monthly Service Provider (MSP) subscription:
US$15

Monthly electrical consumption (24-7, does anybody know how many watts a computer in this setup consumes in one hour?)
Let's say computer consumes 84W per hour or 1KW in 12 hours and 1KW costs US$.07:
US$52
Monthly contingency: US$8

Total monthly cost: US$75

Suggested registration cost: US$45 with initial of 100 uses for first one month.
Suggested subscription should be US$25 per 100 uses per month.
Half of remaining number of uses not consumed for the month shall be carried over to the next month.

Target customers for return of investment in one month: 18 (at US$45 per registrant)
Succeeding subscription shall cover the monthly costs so we should have at least 3 subscribing customers per month.
The other remaining 15 customers (at US$25) shall be the monthly income of about US$375/month.
So in 3 months: US$1,125
In 6 months: US$2,250
In one year: US$4,500"

Suggestion from Sol Seva, member: Ice Dragon Ally
During a group gathering last Aug. 1, 2001
Bacolod City, Philippines
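
The remote computer's bookkeeping in the scheme above, sketched as an added example that is not part of the original post: registration parsing, the per-sender quota check, and counting a flash only on acknowledgement. The post does not say how the authorization code is computed; the truncated HMAC, `SERVER_KEY`, the check that the claimed number equals the SMS sender, and counting pending requests against the quota are all assumptions made here.

```python
import hashlib
import hmac

SERVER_KEY = b"constructed-demo-key"  # assumption: secret held only by the remote computer
MAX_USES = 100                        # the post's 100 uses per subscription period

class RemoteComputer:
    def __init__(self):
        self.subscribers = {}  # mobile number -> name, email, used count, pending codes
        self.log = []

    def register(self, sender, sms_text):
        # Post's format: FLASHBOX /<mobile> /<name> /<email>; claimed number must equal sender
        parts = [p.strip() for p in sms_text.split("/")]
        if len(parts) != 4 or parts[0] != "FLASHBOX" or parts[1] != sender:
            self.log.append(("bad-registration", sender))
            return None
        self.subscribers[sender] = {"name": parts[2], "email": parts[3], "used": 0, "pending": {}}
        self.log.append(("registered", sender))
        return sender

    def _code(self, mobile, imei):
        # Assumption: code binds the subscriber's number to one IMEI via HMAC-SHA256
        mac = hmac.new(SERVER_KEY, f"{mobile}|{imei}".encode(), hashlib.sha256)
        return mac.hexdigest()[:16]

    def request(self, sender, imei):
        sub = self.subscribers.get(sender)
        # Step 4: unknown sender or exhausted quota is ignored but logged.
        # Pending requests count too, so unacknowledged flashes are not free.
        if sub is None or sub["used"] + len(sub["pending"]) >= MAX_USES:
            self.log.append(("ignored", sender, imei))
            return None
        sub["pending"][imei] = self._code(sender, imei)  # step 5: flagged, not yet counted
        self.log.append(("authorized", sender, imei))
        return sub["pending"][imei]

    def acknowledge(self, sender, code):
        # Step 9: the count is updated only when the program sends the code back
        sub = self.subscribers.get(sender)
        for imei, expected in list(sub["pending"].items()) if sub else []:
            if hmac.compare_digest(expected, code):
                del sub["pending"][imei]
                sub["used"] += 1
                self.log.append(("counted", sender, imei))
                return sub["used"]
        self.log.append(("bad-ack", sender))
        return None
```

Because a code is removed from the pending set when it is acknowledged, a replayed acknowledgement is logged as `bad-ack` and does not change the count.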