Yes, as I said, you exercise the algorithm to produce the key. The key is just 'in the algorithm' that derives the key.
The software is quite capable of deriving its own key given the proper host parameters. The examiners can and will know what system the code was taken from, and can collect any parameters from that system that are needed. In a harware virtual environemnt you can inject any host attribute you like, at any time you like, and the code running in it will never know the difference if you take certain steps, like making the CPU clock instruction cycle correct for the given hardware. The malware code will only know what you tell it, so the trick is figuring out what parameters you need to tell it, and that comes from excercising the code as well to see what it tries to access. Locically everything it needs to defeat itself is already in there, except the host parameters, and we just need to be smart enough and persistant enough to figure it out.
The problem as I see it is to figure out how to exercise the code that unlocks the key used to decrypt the payload. Brute force to crack the payload is going about it the hard way. When dealing with criminals, never play by their rules.
The reason the payload exists is so that it can be decrypted and used. Both the algorithm and the key are in there somewhere. The problem is discovering under what conditions it is exercised and halt the process after the decryption but before the key is removed from memory. Timing is the key to success.
Load the code in a hardware virtualization monitoring environement with an emulated CPU clock and let it run. Analyse the code execution and discover the branches not taken and then force it to take each branch the next time around, and watch/trace what it does. If you find ant-debugging protections along that path then you are probably on the right track to recover the key. There is no singular trick in their little-black-bag-of-tricks that can't be worked around. Be persistant and the key will be recovered, and a lot sooner than trying to brute-force decrypt the payload without the key.
not only are they duplicated on the steering wheel, but they are well designed and many will deactivate (greyed out) while the car is in motion to prevent accidents.
Un fortunately this forces the driver to pull off the road just to select a predefined destination in the navigation system. Which would cause more accidents? pushing two buttons or pulling off and back on a busy highway?
fwiw I never tried the voice control to see if navigation is deactivated by voice when the buttons are greyed out.
You forgot about "Bob". How could you leave out Bob when talking about "bad" or complete marketing flops? It was a historical event in its own right, but one that most would likely choose to forget if not reminded.;)
Considering that we havent verified anything yet, these stories really make Science look cheap.
"We interpret the new particle at the Large Hadron Collider as a CP-even scalar and investigate its electroweak quantum number. Assuming an unbroken custodial invariance as suggested by precision electroweak measurements, only four possibilities are allowed if the scalar decays to pairs of gauge bosons, as exemplified by a dilaton/radion, a non-dilatonic electroweak singlet scalar, an electroweak doublet scalar, and electroweak triplet scalars. We show that current LHC data already strongly disfavor both the dilatonic and non-dilatonic singlet imposters. On the other hand, a generic Higgs doublet and a triplet imposter give equally good fits to the measured event rates of the newly observed scalar resonance, although a Standard Model Higgs boson gives a slightly better overall fit. The global fit indicates the enhancement in the diphoton channel could be attributed to an enhanced partial decay width, while the production rates are consistent with the Standard Model expectations. We emphasize that more precise measurements of the ratio of event rates in the WW over ZZ channels, as well as the event rates in bb and tau tau channels, are needed to distinguish the Higgs doublet from the triplet imposter. "
1) First, loose the attitude, and focus on teamwork, and don't try to compete. If you can do that you will always be in demand by your coworkers because you make their lives easy, and you will quickly stand out with upper management.
2) Once you gain some experience, start looking for someplace where the Giants of the IT industry go when they get good at what they do. I'm 54 and I have the same drive and determination to know everything as you do, but I also work at a research institution where you have to work with others whom are equally gifted. Its not a competition because there is always somebody better at something than you. When you fly with Superman its hard to stand out, but you certainly learn *a lot every day.
If you keep the attitude that you are “Competing” the way you do, it isn't going to win you friendship or admiration from your peers, no matter what their age. Its not their age that is the problem, as I am a perfect counter example. Its their personal initiative to 'be the best that they can be' that is lacking. You will never change that in a person, so don't even try. They will resent anyone that keeps pointing that out to them. Focus instead on helping to make *their* lives/jobs easy and they will then appreciate you being around, and you will eventually earn their full respect, and eventually get the more interesting work and be asked to make key decisions. When management sees your peers actually depending on you for things you will in turn earn their respect. It only gets better from there. Teamwork is always the winning strategy.
All software has flaws in it and phones are no exception. I once (several years ago) attended a "demo" in which an iPhone was both 0wned and back-door'ed in under 15 seconds from the time they got the phones IP address on the network. I'm not a liberty to tell you who or how, but I can tell you they did it with ease. Litterally type in the IP, point, click, upload. Done! That being said, that vulnerbility they leveraged no longer exists, but others do. That little demo really made me take notice about the vulnerability of mobile devices specifically, which is why I have been studying the problem over the past couple of years.
In short, mobile phones are essentually just highly connected 'social devices' and they should not be treated as anything but that. Putting the keys to your personal finances on such a device, being it from Google or Apple is just a bad idea. The only saving grace fwould be if that device is tied to a credit card where you actually have the rights to get your money back should it be hacked, stolen, snooped on, or otherwise misused. If instead its tied to your savings or retirement account you can simply kiss it all goodby.
I'm just waiting for the credit card companies to start writing some sort of liability exclusions for mobile devices that they don't sanction, or something like that. Chances are they have not seen the depth of the vulnerabilities and are at the moment just smelling the money. As soon as these devices get popular you can expect the reality-checks to start happening. I will be very suprised if it doesn't happen to at least one of these phone payment systems over the next two years.
Don't let the RIAA get their hands on this technology. They will just start suing all the off-label artists for stealing their valuable "copyrighted" chord progressions.
Never embed a private key in your application, ever. Did I mention never?
No mater how you impliment it, someone is going to reverse engineer your app (for fun, or profit) and will discover your darkest of dark secrets. Once they find your key the game is over. There is no going back. Whatever that key is protecting is now open to a hackers delight field day worthy of its own Defcon capture the flag compitition. If you are lucky some nice grey-hat hacker will tell you before you get in too much trouble, if not, you are going to have one very bad day (or days) at the office. There are better ways to handle keys, don't act like a yahoo and take the time to learn how to do it right.
It has both a VGA and an HDMI connector running 720p. Considering the low horse power of the CPU that resolution is somewhat impressive without a GPU power hog .
Thats not too bad for $49 if you have a specific need for Android. If the Android toolset was self hosting and the board had some extra digital IO interfaces, like the Ardrino, I would be sold on it already.
I would suspect that a satellite in a high earth orbit with a good powerful laser could vaporize small amounts of material on the top leading edge of the space junk and effectively slow the junk down enough to be trapped by normal gravitation. As each piece of junk comes towards the craft the laser would give it a gentile nudge to slow it down just a little. Eventually they will slow enough and just burn up in the atmosphere. Powering the crafts laser would likely require a rather large RTG to generate enough power, or a huge solar array, just to keep the duty cycle high enough to do any good given the amount of junk flying around up there.
Note: prices stated below are just for dramatization, and are not thoughtfully calculated.
.
One android satellite development program, $3.8 trillion.
One heavy lift rocket to lift that satellite into orbit $3.7 billion.
One load of oxidizer/fuel mixture lifted into space to catch one low earth orbiting satellite, $5 million.
One dead US satellite in low earth orbit, return value $0.
One live Chinese spy satellite in low earth orbit, return value, priceless!
Funny how the same set of tools used to dismantle old broken US satellites is also approximately the same set of tools needed to dismantle and examine the Chinese, N Korean, or Iranian satellites, isn't it? Dismantling old broken US satellites will never be cost effective, but having knowledge of say Soviet and Chinese spy satellite technology is no doubt absolutely priceless. Of course I must be wrong, because the fine article never said anything about 'other peoples' satellites.
"you should believe what it says in this book because it's true!" is pretty weak.
Very true. One thing that most people don't think about is that up to the invention of the printing press there were litterally THOUSANDS of versions of the Bible. Each time they were hand copied they were often embellished, and thus changed over the years. King James even took exception to certain verses and had his own version created to suit his will. In short, there was mass plagiarism and the content can not be trusted to be anything like the truth^h^h^h^h^h fable it should be.
That being said, the dogma of the faiths force its patrons to ignore the facts around them, and instead tells them that they are not supposed to understand the mind of [insert deity name here] and instead just take it on faith that there is a reason for everything. More likely, the priests saying that were unable to make up a good story that made any sense, so 'you had better just believe' or else worked just as well.
I would generally agree with your assessment. My only issue is that the wording of the Bill is somewhat open-ended, in that it does not say any specific requirements for what gets recorded, only a general statement on "safety" related data. The issue is it could have a type of 'feature creep" where certain organizations push for somewhat unrelated metrics to be collected under the general guise of safety. Is GPS position history safety related? Some might argue it is. I think that any bill passed should enumerate exactly what details are to be recorded, after all, the auto companies need to know what kind of sensors are to be deployed otherwise the costs will eventually get out of hand as new requirements are added. The Government has a history of moving the goal posts if they are not nailed down first.
shall require event data recorders to capture and store data related to motor vehicle safety covering a reasonable time period before, during, and after a motor vehicle crash or airbag deployment, including a rollover;
All DRM is insufficient. Thats because it is 'logically' infeasable to create a "software" system that runs on general purpose hardware that can't be modified by a person having physical access to that machine. Anybody that tells you differently is just selling SnakeOil(tm), and apparently laughing all the way to the bank these days because of companies like Sony. All you need is one ticked-off uber hacker and all the millions you poured into the fancy DRM is all for naught. Its a waste of money if all you do is use it to tick-off the paying user who is just trying to get what they paid for. The DRM itself then becomes the badge of honor for the hacker, and the fruits of their labor will surely get posted where it will do the company the most harm, just in spite. Its human psychology 101. Sony is their own worst enemy, throwing good money after bad, just to tick-off even more customers to get hacked again. Its a vicious cycle for them.
So now we even export nuclear materials directly to the Taliban for use in their dirty-bomb program? Do we really think that one UAV will not wind up in the enemy hands due to a lucky shot, mechanical failure, or acts of Nature? What are the chances? Oh about 100% in the long term if they would ask me.
What is down is the economy, and as a consequence also the number of people traveling by air. If there are fewer people competing for that slimmed down "service" wouldn't you think that the arilines might actually try harder to gain as many passengers as possible? They are not "doing better", rather just trying not to lose more business than they already have.
There was a study just last year that stated the same thing about benadryl (Diphenhydramine), but that study went out on a limb and stated that by reducing the swelling the immune system was able to get into the affected area and remove the cancer. By that theory, anything that reduces swelling should reduce the chance of cancer, so why should asprin be any different?
Its all political sensationalism, nothing more. Yes, the US missile defense system does work, and it works well, but only for a small rouge country with just a few missiles in their inventory. Any major Nation State like Russia has way more ballistic missiles in their inventory than any defense system, current or future, is capable of stopping. Any aggression by a nuclear superpower will still have mutually assured destruction, so why even start? The US won't, and we all sure hope Russia won't either. Nuclear war never makes sense no matter where you are standing.
.
What the US defense system does buy them is the capability of negating the first few missiles that a terrorist, or small country, might try to launch at a place they care about enough about to try to defend, and that could even include parts of Russia if they wanted it that way. The US has no problem protecting friendly nations, but apparently Russia doesn't want to see things that way for some reason.
Russia clearly has some alternator political motives. Perhaps boosting their own defenses will help bring themselves out of a bad economic situation? Who knows. What they do know that the US defensive missiles don't even carry a warhead, they just disintegrate the other missile through shear kinetic energy. If you are not an exoatmospheric ballistic missile flying a Mach 3 then you don't really have have much to fear. There is no logical reason for the US to launch nuclear missiles at Russia just because they could stop the first few that they threw back at them. That is just illogical and completely irrational.
While this specific patent is fairly particular about the method of doing and storing it, sooner or later someone is going to sue sombody else with an overly broad accusation, and want billions of dollars in damages, simply to shut them down and put them out of business.
We need to remove the "directional speaker" from the system and instead add in an "Audio Spotlight" http://www.holosonics.com/ in its place. That way any people around the "noisy" person do not need to listen to the noisy person NOR the speaker echo system trying to make them stop. The "sound" would litterally be 'all in their head', and not for others to listen to. I heard this spotlight device back in the year 2000, and it was really wild listneing to music in your head that others next to you could not hear. You could litterally put voices in somebodys head and play with their mind with this thing.
DRM is nothing but SnakeOil, and any salesman that tells you it will cure your problem is already counting his money. The fact is, as others have already noted, is that any DRM can and will be broken. In fact there are people out there that don't even want to run your software, they just break the DRM and post it on the Internet for fun. These are serious hackers, and you only need one to waste all your DRM SnakeOil money. There is no DRM that is worth the money.
Ok, I hate being pesimistic, but we need to face the facts. Money spent on DRM is wasted money. However, there are some ways others have spoken about that have some merit, but also problems. One such is the aways-online network model and also hardware dongles. Networks go down and standard dongles are easy to hack around. So, what to do?
The always-online model has the strong point that a portion of the processing can be off loaded so the central server, and user's software itself has code missing that can not be simply hacked around like in the dongle. The dongle can have some unique embedded features which can be tested for but is generally easy to hack around since its easy to bypass code. What about a mix of the two? What about a custome dongle that actually adds processing power to the software and the software is then sold as a "system".
If the dongle/board/unit has real functionality (e.g. FPGA accellerator board) the software without it is useless, and if the device is non-trivial it would be very hard to duplicate by the average hacker, and they couln'd just post the results of that hacked code online. You need both. It would be too costly to develop the replacement hardware for fun and impossible to sell it without being noticed. It would not be like a "standard" dongle that one can hack by putting in noop's and nonconditional jumps to deactivate it, as it actually does things the software side needs. A pirate would have to be *very* comitted, and with much more money and resources than the cost of one simple licensed unit to even think about trying to replicate it. As long as the coprocessor dongle unit adds functionality in the form of function or performance it may be acceptable to users, but not unless it actually gives them something for their money. So, can you product be decompoed into two peices where a portion is hardware accellerated?
Slashdot Mirror
Yes, as I said, you exercise the algorithm to produce the key. The key is just 'in the algorithm' that derives the key. The software is quite capable of deriving its own key given the proper host parameters. The examiners can and will know what system the code was taken from, and can collect any parameters from that system that are needed. In a harware virtual environemnt you can inject any host attribute you like, at any time you like, and the code running in it will never know the difference if you take certain steps, like making the CPU clock instruction cycle correct for the given hardware. The malware code will only know what you tell it, so the trick is figuring out what parameters you need to tell it, and that comes from excercising the code as well to see what it tries to access. Locically everything it needs to defeat itself is already in there, except the host parameters, and we just need to be smart enough and persistant enough to figure it out.
The reason the payload exists is so that it can be decrypted and used. Both the algorithm and the key are in there somewhere. The problem is discovering under what conditions it is exercised and halt the process after the decryption but before the key is removed from memory. Timing is the key to success.
Load the code in a hardware virtualization monitoring environement with an emulated CPU clock and let it run. Analyse the code execution and discover the branches not taken and then force it to take each branch the next time around, and watch/trace what it does. If you find ant-debugging protections along that path then you are probably on the right track to recover the key. There is no singular trick in their little-black-bag-of-tricks that can't be worked around. Be persistant and the key will be recovered, and a lot sooner than trying to brute-force decrypt the payload without the key.
Un fortunately this forces the driver to pull off the road just to select a predefined destination in the navigation system. Which would cause more accidents? pushing two buttons or pulling off and back on a busy highway?
fwiw I never tried the voice control to see if navigation is deactivated by voice when the buttons are greyed out.
You forgot about "Bob". How could you leave out Bob when talking about "bad" or complete marketing flops? It was a historical event in its own right, but one that most would likely choose to forget if not reminded. ;)
check the API's first to see if it has everything you need.
"We interpret the new particle at the Large Hadron Collider as a CP-even scalar and investigate its electroweak quantum number. Assuming an unbroken custodial invariance as suggested by precision electroweak measurements, only four possibilities are allowed if the scalar decays to pairs of gauge bosons, as exemplified by a dilaton/radion, a non-dilatonic electroweak singlet scalar, an electroweak doublet scalar, and electroweak triplet scalars. We show that current LHC data already strongly disfavor both the dilatonic and non-dilatonic singlet imposters. On the other hand, a generic Higgs doublet and a triplet imposter give equally good fits to the measured event rates of the newly observed scalar resonance, although a Standard Model Higgs boson gives a slightly better overall fit. The global fit indicates the enhancement in the diphoton channel could be attributed to an enhanced partial decay width, while the production rates are consistent with the Standard Model expectations. We emphasize that more precise measurements of the ratio of event rates in the WW over ZZ channels, as well as the event rates in bb and tau tau channels, are needed to distinguish the Higgs doublet from the triplet imposter. "
http://arxiv.org/abs/1207.1093
2) Once you gain some experience, start looking for someplace where the Giants of the IT industry go when they get good at what they do. I'm 54 and I have the same drive and determination to know everything as you do, but I also work at a research institution where you have to work with others whom are equally gifted. Its not a competition because there is always somebody better at something than you. When you fly with Superman its hard to stand out, but you certainly learn *a lot every day.
If you keep the attitude that you are “Competing” the way you do, it isn't going to win you friendship or admiration from your peers, no matter what their age. Its not their age that is the problem, as I am a perfect counter example. Its their personal initiative to 'be the best that they can be' that is lacking. You will never change that in a person, so don't even try. They will resent anyone that keeps pointing that out to them. Focus instead on helping to make *their* lives/jobs easy and they will then appreciate you being around, and you will eventually earn their full respect, and eventually get the more interesting work and be asked to make key decisions. When management sees your peers actually depending on you for things you will in turn earn their respect. It only gets better from there. Teamwork is always the winning strategy.
In short, mobile phones are essentually just highly connected 'social devices' and they should not be treated as anything but that. Putting the keys to your personal finances on such a device, being it from Google or Apple is just a bad idea. The only saving grace fwould be if that device is tied to a credit card where you actually have the rights to get your money back should it be hacked, stolen, snooped on, or otherwise misused. If instead its tied to your savings or retirement account you can simply kiss it all goodby.
I'm just waiting for the credit card companies to start writing some sort of liability exclusions for mobile devices that they don't sanction, or something like that. Chances are they have not seen the depth of the vulnerabilities and are at the moment just smelling the money. As soon as these devices get popular you can expect the reality-checks to start happening. I will be very suprised if it doesn't happen to at least one of these phone payment systems over the next two years.
Don't let the RIAA get their hands on this technology. They will just start suing all the off-label artists for stealing their valuable "copyrighted" chord progressions.
No mater how you impliment it, someone is going to reverse engineer your app (for fun, or profit) and will discover your darkest of dark secrets. Once they find your key the game is over. There is no going back. Whatever that key is protecting is now open to a hackers delight field day worthy of its own Defcon capture the flag compitition. If you are lucky some nice grey-hat hacker will tell you before you get in too much trouble, if not, you are going to have one very bad day (or days) at the office. There are better ways to handle keys, don't act like a yahoo and take the time to learn how to do it right.
Old School VGA connector.
It has both a VGA and an HDMI connector running 720p. Considering the low horse power of the CPU that resolution is somewhat impressive without a GPU power hog .
Thats not too bad for $49 if you have a specific need for Android. If the Android toolset was self hosting and the board had some extra digital IO interfaces, like the Ardrino, I would be sold on it already.
I would suspect that a satellite in a high earth orbit with a good powerful laser could vaporize small amounts of material on the top leading edge of the space junk and effectively slow the junk down enough to be trapped by normal gravitation. As each piece of junk comes towards the craft the laser would give it a gentile nudge to slow it down just a little. Eventually they will slow enough and just burn up in the atmosphere. Powering the crafts laser would likely require a rather large RTG to generate enough power, or a huge solar array, just to keep the duty cycle high enough to do any good given the amount of junk flying around up there.
.
One android satellite development program, $3.8 trillion.
One heavy lift rocket to lift that satellite into orbit $3.7 billion.
One load of oxidizer/fuel mixture lifted into space to catch one low earth orbiting satellite, $5 million.
One dead US satellite in low earth orbit, return value $0.
One live Chinese spy satellite in low earth orbit, return value, priceless!
Funny how the same set of tools used to dismantle old broken US satellites is also approximately the same set of tools needed to dismantle and examine the Chinese, N Korean, or Iranian satellites, isn't it? Dismantling old broken US satellites will never be cost effective, but having knowledge of say Soviet and Chinese spy satellite technology is no doubt absolutely priceless. Of course I must be wrong, because the fine article never said anything about 'other peoples' satellites.
Just read:
"The God Delusion" by Richard Dawkins"
ISBN-10: 0618918248
ISBN-13: 978-0618918249
When you finish that one we will find a few more for you.
Very true. One thing that most people don't think about is that up to the invention of the printing press there were litterally THOUSANDS of versions of the Bible. Each time they were hand copied they were often embellished, and thus changed over the years. King James even took exception to certain verses and had his own version created to suit his will. In short, there was mass plagiarism and the content can not be trusted to be anything like the truth^h^h^h^h^h fable it should be.
That being said, the dogma of the faiths force its patrons to ignore the facts around them, and instead tells them that they are not supposed to understand the mind of [insert deity name here] and instead just take it on faith that there is a reason for everything. More likely, the priests saying that were unable to make up a good story that made any sense, so 'you had better just believe' or else worked just as well.
cat patent.txt | sed -e 's/ad-supported/Chineese Water Torture/g' > /dev/null
All DRM is insufficient. Thats because it is 'logically' infeasable to create a "software" system that runs on general purpose hardware that can't be modified by a person having physical access to that machine. Anybody that tells you differently is just selling SnakeOil(tm), and apparently laughing all the way to the bank these days because of companies like Sony. All you need is one ticked-off uber hacker and all the millions you poured into the fancy DRM is all for naught. Its a waste of money if all you do is use it to tick-off the paying user who is just trying to get what they paid for. The DRM itself then becomes the badge of honor for the hacker, and the fruits of their labor will surely get posted where it will do the company the most harm, just in spite. Its human psychology 101. Sony is their own worst enemy, throwing good money after bad, just to tick-off even more customers to get hacked again. Its a vicious cycle for them.
Only they didn't ask.
What is down is the economy, and as a consequence also the number of people traveling by air. If there are fewer people competing for that slimmed down "service" wouldn't you think that the arilines might actually try harder to gain as many passengers as possible? They are not "doing better", rather just trying not to lose more business than they already have.
There was a study just last year that stated the same thing about benadryl (Diphenhydramine), but that study went out on a limb and stated that by reducing the swelling the immune system was able to get into the affected area and remove the cancer. By that theory, anything that reduces swelling should reduce the chance of cancer, so why should asprin be any different?
.
What the US defense system does buy them is the capability of negating the first few missiles that a terrorist, or small country, might try to launch at a place they care about enough about to try to defend, and that could even include parts of Russia if they wanted it that way. The US has no problem protecting friendly nations, but apparently Russia doesn't want to see things that way for some reason.
Russia clearly has some alternator political motives. Perhaps boosting their own defenses will help bring themselves out of a bad economic situation? Who knows. What they do know that the US defensive missiles don't even carry a warhead, they just disintegrate the other missile through shear kinetic energy. If you are not an exoatmospheric ballistic missile flying a Mach 3 then you don't really have have much to fear. There is no logical reason for the US to launch nuclear missiles at Russia just because they could stop the first few that they threw back at them. That is just illogical and completely irrational.
http://gramlich.net/projects/public_annotations/authoring.html
While this specific patent is fairly particular about the method of doing and storing it, sooner or later someone is going to sue sombody else with an overly broad accusation, and want billions of dollars in damages, simply to shut them down and put them out of business.
We need to remove the "directional speaker" from the system and instead add in an "Audio Spotlight" http://www.holosonics.com/ in its place. That way any people around the "noisy" person do not need to listen to the noisy person NOR the speaker echo system trying to make them stop. The "sound" would litterally be 'all in their head', and not for others to listen to. I heard this spotlight device back in the year 2000, and it was really wild listneing to music in your head that others next to you could not hear. You could litterally put voices in somebodys head and play with their mind with this thing.
Ok, I hate being pesimistic, but we need to face the facts. Money spent on DRM is wasted money. However, there are some ways others have spoken about that have some merit, but also problems. One such is the aways-online network model and also hardware dongles. Networks go down and standard dongles are easy to hack around. So, what to do?
The always-online model has the strong point that a portion of the processing can be off loaded so the central server, and user's software itself has code missing that can not be simply hacked around like in the dongle. The dongle can have some unique embedded features which can be tested for but is generally easy to hack around since its easy to bypass code. What about a mix of the two? What about a custome dongle that actually adds processing power to the software and the software is then sold as a "system".
If the dongle/board/unit has real functionality (e.g. FPGA accellerator board) the software without it is useless, and if the device is non-trivial it would be very hard to duplicate by the average hacker, and they couln'd just post the results of that hacked code online. You need both. It would be too costly to develop the replacement hardware for fun and impossible to sell it without being noticed. It would not be like a "standard" dongle that one can hack by putting in noop's and nonconditional jumps to deactivate it, as it actually does things the software side needs. A pirate would have to be *very* comitted, and with much more money and resources than the cost of one simple licensed unit to even think about trying to replicate it. As long as the coprocessor dongle unit adds functionality in the form of function or performance it may be acceptable to users, but not unless it actually gives them something for their money. So, can you product be decompoed into two peices where a portion is hardware accellerated?