Code protection in BASIC

Questions about the BASICtools and MakeItC
Post Reply
basicchip
Posts: 1090
Joined: Fri Oct 19, 2012 2:39 am
Location: Weeki Watchee, FL
Contact:

Code protection in BASIC

Post by basicchip »

>from the help line
> On the SuperPro, is there a way to prevent BasicTools or any other third-party tool from reading the code on the board?

>I have a client who's beginning to make noises like he doesn't want to pay for certain features I did on contract after the main code was written.

>I have a "timeout" on the code, so if a license number isn't entered within 30 days, the code quits... but I don't want it to 'self-erase', because I don't want to travel back there to re-install it. I just want it to idle until they enter the correct info -- and of course, I don't want them to be able to read the software in order to figure out how to override the lockout.

The stock BASIC does have some security holes for copying code, but it is NOT trivial. I'm sure the NSA could break it, maybe even the FBI. Why any holes at all, well when we give you the ability to program the chip, that kind of opens the door to the dedicated hacker. We have thought about an OEM version of BASIC that is programmable only once, but unless you never change your code again, it is probably not practical.

BASICtools lets you stop a program and snoop around at the user code space (we can and have disabled this for some OEM clients). The problem is even if you can read the code, it is not easy to get it back into a chip, as there is encryption of the hex file that is downloaded, so as long as you don't provide the .hex file to the client, he would have to either reverse engineer our firmware or reverse engineer the encryption. Now a dedicated hacker could do this, but is it worth it?

Beyond that you could put a battery on the board and have a real time clock that you could use for your lockout mechanism. Even this is defeatable, but again on top of everything else would not be trivial.



basicchip
Posts: 1090
Joined: Fri Oct 19, 2012 2:39 am
Location: Weeki Watchee, FL
Contact:

Re: Code protection in BASIC

Post by basicchip »

PS JTAG is disabled by BASIC firmware, so just plugging into Keil won't get you anywhere.

Post Reply