Aladdin the magic to protect your data from prying eyes

Aladdin the magic to protect your data from prying eyes

By Zatni Arbi

JAKARTA (JP): You leave your office late in the evening. You
make sure the door is locked before you go home. You think your
software and data are safe. Think again.

In the wee hours of the morning someone may sneak into your
office, take your CPU apart and pocket the hard disk. When you
arrive at work the next day, a nasty surprise awaits you. The
hard disk might have contained your strategic business plans, the
mailing list database built over more than 10 years or a new
blockbuster software application that you've been developing.

Sure, you always keep a backup of these milch cows, so it's
not really a total loss. But somebody else may be browsing the
contents of your hard disk the moment you find out it's missing.
They may soon start a direct mailing service using your huge
database. Or, someone else is using the very same application you
expected to turn you into a millionaire.

What to do? Well, building physical protection is certainly
the first effective step you can take. You should make sure that
your office is not easy to break into. If necessary, store your
digital gemstone in a removable storage device such as the Zip,
Jazz or SyJet drive. Each time you call it a day, just put the
cartridge away in the safe and lock its door.

Or, you can encrypt your data. Use a special utility to
scramble selected files so that nobody can read them unless he or
she knows the password. Better still, opt for the device called a
"dongle" and program it to protect your digital riches.

A dongle, also called a key, is a small device that must be
attached to the computer before you can run an application or
open a data file. In fact, a dongle is quite a common means of
protecting intellectual property rights. Expensive software
packages, such as GIS applications, usually come with a dongle.
You cannot run them without it in its place.

There are a number of dongle makers out there, such as Rainbow
Technologies, Eutron and the Tel Aviv-based Aladdin Knowledge
System. Software developers, in particular, are keen on using the
dongle as it gives them a highly reliable means to protect their
business.

Courtesy of PT Atlantis Tonerindo Prima, the distributor of
Aladdin's HASP products for Indonesia, I was able to learn
something about this protection device. It's quite interesting,
and if you are a software developer or have precious data to
protect, you will appreciate it, too.

HASP

According to Aladdin (www.aks.com), the name HASP actually
stands for "Hardware Against Software Piracy". There are
different types of HASP dongles that you can use to protect your
software or data.

The one that Atlantis let me play around with is the type that
should be attached to the parallel port of the PC. The parallel
port version is a pass-through device, which means that the
printer can be connected to the other end and you still can print
out your documents as usual.

Other types of the HASP device come in the form of an ISA card
that users can install in an ISA slot inside the PC. There is
also a special version for Macs, UNIX, OS/2 and other platforms.
There is another version for use on networks as well. Notebook
users can opt for the Type-1 PC Card version.

Most dongles are transparent, which means that they do not
block any data flow supposed to just pass through them.
Therefore, it's not impossible to have more than one dongle
daisy-chained into the parallel ports, each protecting a
different application. Even dongles from different makers can be
put together, as long as every one of them is completely
transparent.

What about the possibility of intercepting the communication
between the software and the dongle, to emulate the key? Aladdin
says that even this communication is encoded so that hackers
would not be able to capture it and make sense out of it.

Protection

To make these dongles or keys easy to use, Aladdin supplies it
with a HASPWizard utility in a CD-ROM. It leads users, step-by-
step, in setting up the protection.

Sometimes hackers try to pry open the binary files of the
programs that they cannot run in order to read the source code
and crack the protection key. This can be prevented by putting
the executable files of your software in a digital wrapping. To
do this, you can use HASP Envelope Utility.

Another protection that HASP offers comes in the form of
Application Program Interface (API) that software developers can
use to insert special "calls" or "links" to the key throughout
the source code of their software. Used in combination with the
envelope, the software will have full protection.

How exactly do the dongles work? The hardware contains a chip
that is called Application Specific Integrated Circuit (ASIC). It
has multiple electronic algorithms that are unique. When a HASP-
protected application is loaded, it will send queries to the
dongle, which will evaluate the query and give its response.

If the response is the expected one, the application can
continue to load and run properly. Otherwise, depending on the
developer, different things can happen next. The application may
stop loading altogether or run in a demo mode, for example.

With another type of dongle called MemoHASP, which also
contains a small amount of read/write memory (either 112 or 496
bytes), a software developer can even limit the number of times
his software application can be run. This provides him with a
very safe way to distribute demos to his potential customers
without having to worry that they will take full advantage of it
during the evaluation period. This may also be a feature that
will allow him to rent his software per usage basis.

The particular HASP that I received from Atlantis was one that
protects data instead of executable files. This one, called
DataHASP, is more suitable for, say, those who own large database
they have built for a long time. As I said, if you have sensitive
data that you want to protect from prying eyes, something like
this one will do the job well.