Software licensing using IPv6 addresses?

Ted Mittelstaedt tedm at ipinc.net
Tue Oct 18 00:29:54 CEST 2011 

On 10/17/2011 2:15 PM, Jay Hennigan wrote:
> On 10/17/11 2:06 PM, Brian E Carpenter wrote:
>> Hi,
>>
>> I remember that some software licenses used to be enforced by relying
>> on the user's static IPv4 address. Obviously this is a broken technique,
>> but has anybody seen it used with IPv6 addresses?
>
> It indeed is/was a broken technique with IPv4.  It will just as broken
> (or perhaps several trillion times more broken) if attempted with IPv6.
>
> Hopefully the people who attempted this with IPv4 have either gone out
> of business or moved on to something different.
>

No such luck.

We use one of these programs, a piece of billing software, that is
dependent on both the IP address AND the mac address.  In order to
move it from an older system to a newer system you have to e-mail
in the mac address and IP address of the new system to the vendor who
provides a license key.  You don't need an active service contract
to do this and they issue the key immediately, no questions asked.
It is very easy to do.

The MAC address dependency can be easily defeated by hard coding the
needed MAC into the network device driver and of course the IP address
dependency can be defeated by putting the device behind a translator,
but it is still a nuisance, and it is less of a nuisance to just
e-mail for a new key.

If you subject this kind of copy protection to games analysis you
will quickly find out that for a vendor it is probably the most
advantageous copy protection.  For starters it is easy for the clever
to defeat, so it isn't going to make a professional admin that
irritated enough that they will start gunning for the vendor.  But,
it is a severe obstacle for the stupid to defeat, and as the majority
of the customers are stupid, so the majority of customers by the
time they figure out how to defeat it, the vendor will have almost
certainly been involved in at least 1 support call, and so will be
alerted that the customer is attempting to screw them out of the
additional license fee.  Since the vendor then knows that the customer
attempting to do the screwing is stupid, they can use a bluff
that would be ignored by the clever admin, but will be
followed by the stupid one, that would prompt payment.

Look at iTunes after all.  They make millions, but iTunes did
nothing to make illegal copying of music any more difficult - if
anything they helped it since you can buy a track from them and
then strip the DRM off it and pirate it all you want.  All iTunes
needed to do was make using iTunes easier for the stupid than
using gnutella or kazza or whatever, and they make millions.

A vendor doing IP-based or MAC-based copy protection just needs to
make using such protection easier than defeating it, and they will
capture most of the market.  If anything, IPv6 helps this since
there isn't an easy-to-use NAT for IPv6 available.

Your still operating off the antique notion that most computer users
actually understand networking or computers and make purchasing
decisions based on what is technically a good idea or not.

Ted

> --
> Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
> Impulse Internet Service  -  http://www.impulse.net/
> Your local telephone and internet company - 805 884-6323 - WB6RDV

More information about the ipv6-ops mailing list