Aladdin the magic to protect your data from prying eyes
By Zatni Arbi
JAKARTA (JP): You leave your office late in the evening. You make sure the door is locked before you go home. You think your software and data are safe. Think again.
In the wee hours of the morning someone may sneak into your office, take your CPU apart and pocket the hard disk. When you arrive at work the next day, a nasty surprise awaits you. The hard disk might have contained your strategic business plans, the mailing list database built over more than 10 years or a new blockbuster software application that you've been developing.
Sure, you always keep a backup of these milch cows, so it's not really a total loss. But somebody else may be browsing the contents of your hard disk the moment you find out it's missing. They may soon start a direct mailing service using your huge database. Or, someone else is using the very same application you expected to turn you into a millionaire.
What to do? Well, building physical protection is certainly the first effective step you can take. You should make sure that your office is not easy to break into. If necessary, store your digital gemstone in a removable storage device such as the Zip, Jazz or SyJet drive. Each time you call it a day, just put the cartridge away in the safe and lock its door.
Or, you can encrypt your data. Use a special utility to scramble selected files so that nobody can read them unless he or she knows the password. Better still, opt for the device called a "dongle" and program it to protect your digital riches.
A dongle, also called a key, is a small device that must be attached to the computer before you can run an application or open a data file. In fact, a dongle is quite a common means of protecting intellectual property rights. Expensive software packages, such as GIS applications, usually come with a dongle. You cannot run them without it in its place.
There are a number of dongle makers out there, such as Rainbow Technologies, Eutron and the Tel Aviv-based Aladdin Knowledge System. Software developers, in particular, are keen on using the dongle as it gives them a highly reliable means to protect their business.
Courtesy of PT Atlantis Tonerindo Prima, the distributor of Aladdin's HASP products for Indonesia, I was able to learn something about this protection device. It's quite interesting, and if you are a software developer or have precious data to protect, you will appreciate it, too.
HASP
According to Aladdin (www.aks.com), the name HASP actually stands for "Hardware Against Software Piracy". There are different types of HASP dongles that you can use to protect your software or data.
The one that Atlantis let me play around with is the type that should be attached to the parallel port of the PC. The parallel port version is a pass-through device, which means that the printer can be connected to the other end and you still can print out your documents as usual.
Other types of the HASP device come in the form of an ISA card that users can install in an ISA slot inside the PC. There is also a special version for Macs, UNIX, OS/2 and other platforms. There is another version for use on networks as well. Notebook users can opt for the Type-1 PC Card version.
Most dongles are transparent, which means that they do not block any data flow supposed to just pass through them. Therefore, it's not impossible to have more than one dongle daisy-chained into the parallel ports, each protecting a different application. Even dongles from different makers can be put together, as long as every one of them is completely transparent.
What about the possibility of intercepting the communication between the software and the dongle, to emulate the key? Aladdin says that even this communication is encoded so that hackers would not be able to capture it and make sense out of it.
Protection
To make these dongles or keys easy to use, Aladdin supplies it with a HASPWizard utility in a CD-ROM. It leads users, step-by- step, in setting up the protection.
Sometimes hackers try to pry open the binary files of the programs that they cannot run in order to read the source code and crack the protection key. This can be prevented by putting the executable files of your software in a digital wrapping. To do this, you can use HASP Envelope Utility.
Another protection that HASP offers comes in the form of Application Program Interface (API) that software developers can use to insert special "calls" or "links" to the key throughout the source code of their software. Used in combination with the envelope, the software will have full protection.
How exactly do the dongles work? The hardware contains a chip that is called Application Specific Integrated Circuit (ASIC). It has multiple electronic algorithms that are unique. When a HASP- protected application is loaded, it will send queries to the dongle, which will evaluate the query and give its response.
If the response is the expected one, the application can continue to load and run properly. Otherwise, depending on the developer, different things can happen next. The application may stop loading altogether or run in a demo mode, for example.
With another type of dongle called MemoHASP, which also contains a small amount of read/write memory (either 112 or 496 bytes), a software developer can even limit the number of times his software application can be run. This provides him with a very safe way to distribute demos to his potential customers without having to worry that they will take full advantage of it during the evaluation period. This may also be a feature that will allow him to rent his software per usage basis.
The particular HASP that I received from Atlantis was one that protects data instead of executable files. This one, called DataHASP, is more suitable for, say, those who own large database they have built for a long time. As I said, if you have sensitive data that you want to protect from prying eyes, something like this one will do the job well.