http://www.donat.org/archos/temp/20041207-18491100.jpg

Here is a screenshot showing a modified firmware running on a Gmini player. Only the copyright notice has been changed but the proof of concept is here. Congratulations guys !! After around 6 months of reverse-engineering, it has been discovered that a special type of update files is NOT protected with any signing mechanism !! This file format will be used to build the upcoming open-source alternative firmware. A Linux port is also possible !

Check my previous post (December 2nd) for more information about this project.

Armadillo is a cryptographically strong software application to build trial mode executables for shareware software. Latest Armadillo algorithm (based on ECC) has the reputation to be impossible to keygen... until one week ago.

Some key generators for Armadillo-protected apps have appeared recently on many warez sites. What happened ? Armadillo wouldn't be so secure as claimed by Silicon realms ? In fact it is... as long as the private key is not revealed !

When you purchase software on a web server, it is likely that it will be able to generate a serial number and send it to you instantly. For this to happen, some very sensitive piece of information is stored on the server, including the private key used to generate serial number. Any breach on the server and the private key is disclosed to whoever needs it...

About two weeks ago, a very serious vulnerability has been revealed in phpBB, allowing to run arbitrary commands on the server. These servers were using phpBB... just like a lot of shareware sites in which a forum is available to exchange with the end users.

If you use instant serial number delivery on your website, it might be a good idea to have it run on a separate server to avoid this kind of situation to happen

There is a common thought about piracy among software professionals. Honest people buy software, bad guys use illegal versions.

Customers have the same thoughts : If someone purchases a software license, he would be more ready to think that he is abiding the laws and pointing at the bad guys using cracks. On the other hand, the average p2p user doesn't feel too bad about downloading copyrighted content for free.

What do you think the first guy would do if he had the opportunity to get freely what he bought initially ? Most people would of course try to get free content before accepting to actually buy something. There is no bad guy/good guy situation. This model is leading to some strategies like :

• - "The good guys won't use a crack. They know that my software is worth it" or - "I will not spend time to enforce my copyright because I trust the end-user and I prefer to work on new software features"

They are all wrong ! A good software digital rights management needs to focus on both development and marketing axes. Marketing, because we have to make people understand that we live in a capitalistic economy, most things are not free, even "digital things"... Development, because software DRM is a very technical subject (cryptography, low-level development). Your software protection must be very smoothly integrated to your application and to your web site. Always keep in mind that security and user-orientation will bring a successful product !

Gmemu is a project aiming at bringing an alternative open source firmware to the Archos Gmini mp3 players. After impressive works on Archos AVxxx series (ucLinux port !) and good old Archos Jukebox (open source alternative firmware), there is a serious job done on the gmini. The firmware has been reverse engineered (studied in order to understand its inner mechanism) and an emulator has been coded !!

The surprise here comes from the incredibly heavy protection deployed by Archos to prevent 'hackers' from playing with their machine. A first layer of protection is a simple XOR encryption and has already been defeated. The second layer is an impressive RSA/MD5 signing algorithm making it virtually impossible to validate an alternative modified firmware (i.e.: not signed by Archos). The RSA key is 768bits long... Ideas are numerous to jump this check but very technical. A good inspiration is what happened for the X-Box. Programming errors have been found in some games leading to a buffer overflow and possible arbitrary code execution. This project will be even more technical because exploiting an overflow on a Samsung RISC cpu requires very rare skills compared to the classical x86 stack overflow... ! :-S

http://www.donat.org/archos/wiki

Here is my first blog entry...

Ruff'n tumble was a nice Amiga platform game where you are a little boy and you have to kill all evil machines with crazy weapons : half platform / half shoot-them-up ! I thought it would be a nice title to summarize what my life looks like. No I don't kill evil machines on a daily basis but I feel like life is anything but a comfortable journey. My life is a real sprint. I don't sleep much, I try to do my best to dedicate a fair amount of time and efforts to the different aspects of my life : My personal life (the one I love), my professional life (and my ambition...), my hobbies (computing #?@! /me is a geek). Where are the evil machines you might ask ? Maybe in myself, a paradox made of different motivations tearing my head apart

Check this review for the Amiga game (sorry French !)