I came across the following code in a Mint installation today, and was pretty shocked. I’d never really considered that someone would want to pirate a $30 php product, but apparently I was quite wrong:
/* Code removed at the request of Shaun Inman, although technically it’s not his code anymore, just something someone (who knows who) hacked up around it… */
*the usual bypass authorization by modifying the function to always validate hack*
Mint Piracy is a well-known problem to Shaun Inman, so I emailed him a potential solution to the problem of having to release his source code to users, but still needing some control. Hopefully in the future, we can work to bring piracy of Mint to a quick end.
Update: Inman isn’t a fan of the technique (which I think is perfect):
There is a simple way for you to track the origin of Mint pirate releases, and that is to add information to downloads in a way that looks normal, but actually can be later used to authenticate the source.
Person x buys mint, and you assign them id 123456. In base 2 you have 011110001001000000. So, the trick is, you now need to find 18 places in the code where you can choose one thing over another. So for every person x, you generate a unique download, choosing different adjectives in the comments in different places, etc, depending on the id you want to steganografically encrypt. The key to this is that you don’t tell anyone you’re doing it, and they probably won’t notice.
What do you think? Would this cause more grief?
|This entry was posted on Monday, March 5th, 2007 at 7:49 pm and is tagged with pirate version, 123456, potential solution, adjectives, different places, inman, piracy, mint, choose one, source code, hack. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback.|