Judging from Clints avatar I guess that Rendo works for the prevention of using Warez. :)

Here's a wild idea.
In the furure when people submit entries to contests why not also ask for license details?
If somebody wins then you will check the license details with the software vendor.

This is standard procedure when buying plugins, add-on etc from other sites.

/anders

Attached Link: http://www.pcworld.com/article/128502-1/article.html?tk=nl_dnxnws

If I had go to through 20 or 30 files to find the licence match that with payment records, maybe routing through a bunch of cd's to find the orginal zip. I probably wouldn't bother to to enter.  

A much better way would be some form of tagging the contents of zip files. Perhaps adding a unique numerical tag to a texture map. The tag could be verifed against purchases and used to track those sharing files.   

But the problem then is automating this in such a way it's quick for the site and the buyer. 
Plus all poser sites would need to have the same software. Plus there would need to be a checking system to avoid false postives. 

As an aside I see Paypal are testing a hardware tool to prevent phising (see link). This looks like a good idea. I'd pay $5 for that.

yes I undertand but I'm more talking about the main software used.

If you are using for example 3DSMax and Vray or any other package then you have received a license number from the vendor that is unique and assigned to your real name. This could be part of the information that is entered when submitting contributions to a contest.

This shouldn't be automatically checked but could be verified with the software vendor.

Much like when athletes are checked for anabola steriods after winning a race.. :)

erm... give over my serial numbers? no thanks! sorry I guard those like my PIN number!

...for example when buying C4D plugins or downloading C4D updates you are required to enter the 4-5 last couple of digits from your license number (not the complete license number).

and that is between you and the person that wrote the software right? - someone who already has your serial since they issued it to you? no third party involved right?

No I also have purchased plugins from a 3rd party developer.

Anyway my idea was that if you participitate in a contest you should be prepared for validating that your main tool is legit.

I agree with Khai... I have passed on purchasing plugins and getting side-grade price breaks on software purchases because they asked for my serial number.

For instance, C4D offers a price break on their software if you have purchased Shade, but there's no way in heck I'd let my Shade serial number end up in Maxon's database.  It's not that I distrust their site, but I have no idea what security they use to safeguard that information.

And no offense to Renderosity, but I wouldn't let them have that info either.  For pretty much the same reason.

Here's a wild idea.
In the furure when people submit entries to contests why not also ask for license details?

hey .... WE live in a FREE country ..i dont know about you but WE do ..
And WE dont need your Police/FBI/DEA/ATF/CIA policy's .....
Asking for serial number when entering a contest ... IMHO you got to get a life..

Why am i so "hard " on this not because i have tons of copy's prog's but just because 
You think of such a idiotic idea just for entering a image contest....

Conceptually then... don't you agree that the products used in contest (and to produce items in the marketplace) should be legit and it would be good if there was way to verify it?

ummm...what happened to "innocent until proven guilty"

No.. Why in heavens name should i need to know that some one that enters a contest has the Original program..
The Police is the one to look for thieves Not R'O ... 
Its Idiotic to even think something like this...
When you get some bread at the market does the checkout employe check  your money if you earn it the right way....
Does the police stop you in your car every time you leave the house ..to see if you own it and your licence .... NO ... and thats the way it should be....
So nobody needs to proof anything until the JUDGE ask for it...
I feel people like you who come up with these things scary realy scary..

Greeting Chris 

Quote -

hey .... WE live in a FREE country ..i dont know about you but WE do ..
And WE dont need your Police/FBI/DEA/ATF/CIA policy's .....
Asking for serial number when entering a contest ... IMHO you got to get a life..

Why am i so "hard " on this not because i have tons of copy's prog's but just because 
You think of such a idiotic idea just for entering a image contest....

jeez.. why don't you chill and think for 2 seconds before being rude to your fellow forum visitors.

Quote - Conceptually then... don't you agree that the products used in contest (and to produce items in the marketplace) should be legit and it would be good if there was way to verify it?

Actually, no.

If an artist steals a paintbrush, and subsequently paints a masterpiece with it, this does not invalidate the value of the artwork.  It's still a worthy piece of art no matter what its origins.

I don't see 3D software as anything but fancy tools.  There is no "make art" button.  You have to have the artistic eyes and skills to pull something from it.

Quote -

Actually, no.

If an artist steals a paintbrush, and subsequently paints a masterpiece with it, this does not invalidate the value of the artwork.  It's still a worthy piece of art no matter what its origins.

OK good point!

I love whacked out threads like this. (long winded bookmark)

And what about if what you use almost all has been created by yourself. Have I issue a license of myself?

Another question, if you enter some contest you enter to win the prize. If you use warez software/products for the contest, for what the Hell do you need the contest?
You can download for free the prize without bothering to make any work and even have the risk of not wining the contest!!!!!

Quote - Judging from Clints avatar I guess that Rendo works for the prevention of using Warez. :)

Here's a wild idea.
In the furure when people submit entries to contests why not also ask for license details?
If somebody wins then you will check the license details with the software vendor.

This is standard procedure when buying plugins, add-on etc from other sites.

/anders

if some one is gonna be a warez user they wont buy plug ins they';; steal em. as fopr giving over a licence to a 3000 dollar app to a site thats stuff is all over the warez net.....i've actuaaly stopped using all daz and poser products that don't come with the app cos the torrents sights are full of em. i deleted all my runtimes cos i'm thinking ..i don't knopw what i'm thinking but i know from now on i'll only use what i make and what comes with the app. i saw poser 7 on a torrent site and it had over 3500 downloads lmao. it's a farce.

billy

You even can't use XP, P2Ps are full of Windows XP.
Thinking well, you can't use your computer, the motherboard was made in China and you can be sure that is a patent violation of someone.

whatever...

No point in trying to keep a discussion on a decent level.

**Hawkfyr .... 
Next time i wont use so many words ..i'll just ask you to put up a image that says it all..

But can you proof ownership of the cat 's and gun, and image of the cats and gun..
Please provide us with the numbers and certificates of the Gun and the Cat's ..specialy that cat who just sat down on a clown ...

**

I do gardening jobs.  Do I show proof-of-purchase to each client for the lawnmower I bring with me?  Of course not.

This is a lousy idea.

well, anyway, I hope they resolve this issue, despite all the inapplicable analogies in this thread. :lol: I'm just glad of one thing - it wasn't my klown on that catt-butt :lol:

Quote - yes I undertand but I'm more talking about the main software used.

If you are using for example 3DSMax and Vray or any other package then you have received a license number from the vendor that is unique and assigned to your real name. This could be part of the information that is entered when submitting contributions to a contest.

This shouldn't be automatically checked but could be verified with the software vendor.

I'd never give over my serial key to anyone but the company who designed and released the program, or the company that bought that software company and took over it's support, IE: Jasc and Corel.

Handing out your serial key is asking for trouble.

You can feel the fear this idea has caused bazze. It's a well-known fact that everyone of the thousands of members of Renderosity has legitimately purchased their copy of Photoshop.

DDevant, are you implying, or even suggesting, that anyone who has replied to this thread is a thief? If you are not, then can you explain what you mean by 'You can feel the fear...'?

(cf DDevant)

If this is the old, "the innocent have nothing to fear" gambit, then shove it.  I can't speak for anyone else,  but I personally (a) don't use Pshop and (b) use, exclusively, legitimate free software for anything I put on this site...

Noobs eh?

hey guys let's not call each other names and stir up feelings for no good...

Quote - (cf DDevant)

  I can't speak for anyone else,  but I personally (a) don't use Pshop and (b) use, exclusively, legitimate free software for anything I put on this site...

Noobs eh?

I thought you are a C4D user? :)

Guys, whilst we're all entitled to our opinions, and to express those opinions, I don't think it's necessary to pillory each other.

--

From a personal point of view, my immediate take on this would be "Administrative nightmare! Flee, flee for your lives!" and run very far away from ever volunteering to manage such a thing ;o)

I can certainly see why a software company might want to do this if they were running their own contest (for example, E-Frontier running a Poser contest.) But then they would have all the registration details anyway. I would be wary of trying to manage this sort of thing through any third party site.

The only thing that I fear is the sky falling on my head or the sea bypass its natural barrier.

Yes I agree with Karen on both counts.  

Its definitely okay for everyone to have their opinion but we need to not make this thread personal and get things civil please.

Thanks

" I thought you are a C4D user? :)"

Free copy from a magazine cover disk.

EDIT: I actually only use it for rendering, as a matter of minor interest.

EDIT#2: And, if I've imported a potential product into it for rendering, I'll sling the resulting scene file in with the marketplace zipfile package.

I agree with Karen and Stacey.....besides Im all out of Jelly and Noodles, so I cant torture or pelt anyone yet......:P

runs off to the store

I'm not accusing any individual here of theft but it is interesting to note that most thieves when confronted with their guilt become abusive.

And clearly you've never been the victim of identity theft.

9,000 US military veterans just became at risk for identity theft because some stupid civil servant brought home a database of veteran's social security numbers and current home addresses on their personal laptop, which was then stolen.  I was one of the veterans affected.

So you can see why, if my personal information isn't safe on a computer housed in a US Government office, I don't think it would be safe anywhere.  I'm not about to volunteer information to anyone that doesn't have a right to already know it.  Period.

I'm not saying Rosity couldn't implement such a requirement, but I'll tell you right now that I'd never enter such a contest where that was required.  And I don't think I'm alone.

I agree with Karen we need to keep this civil and with the rate of theft now a day on identity and such this would be a nightmare to say the least.  

Thanks Tom love the pic.

Quote - I'm not accusing any individual here of theft but it is interesting to note that most thieves when confronted with their guilt become abusive.

Robin Hood never felt guilty.
And what about the politicians??????

"Stupidity also evolves!" I agree with that.
"Robin Hood never felt guilty". Well we will never know of course whether a fictional character felt guilty or not.
"And what about the politicians??????" well most of them probably don't feel guilty. So this is what they have in common with warez thieves.
Though what your comments have to with abusive thieves I do not know.
You know I thought this group would like to see theft stopped but obviously not and I'm beginning to see why. Silly excuses about Identity theft of US military doesn't really work. Good bye.

My example is all about computers and information security and storage... how is it not relevant?

Renderosity collecting this information won't stop thieves, it will just restrict the number of people who enter contests.  And then they have my information, which is probably not secure.  Which means there's ANOTHER opportunity for theft.... do you see where I'm going now?

Renderosity compiling a database of serial numbers is just another opportunity for thieves to take something, via hacking or a situation like my example.  Once the number is out of my hands, I no longer have control over it.  And some thief will have better access to it.

And what is the use of a database of serial numbers? With a keygen you can create as many as you want.

Quote - And what is the use of a database of serial numbers? With a keygen you can create as many as you want.

Depending on how the keys are set up one may need to already know several valid keys in order to have a chance of cracking the scheme in a reasonable amount of time - in particular if they keys are cryptographic keys or checking the key for validity is a "one-way function"  (One way that someone could really make things difficult for a would-be cracker is to have the serial number be used to generate a key to decrypt the rest of the installer).  In that case, you would need as many keys as you can get your hands in order to create the keygen.

Keygens are not keys, are a small software that generate valid serial numbers or keys for a program, how they do the keygens I have no idea, maybe using the same code inside the program that is used to verify if a serial number is valid or not.

If I was using warez, I'd have the latest version of the programs. Yet, I don't have Photoshop CS2, I don't have Max 9, I don't have whatever version PSP is on now. I have what I have and that's what I work with. No sites and no contests I know of check licenses, why should rendo? The lovely Karen is right, it would be a nightmare to implement. Plus which, you might know that if you get a good enough warez version, the serial and all will be a legit number. It may be shared by 2000 people, but it's the real serial. And like the rest, I don't give my serial/activation numbers to anyone.

Generating and verifying keys are two different things entirely.  Reverse engineering the code that checks the validity of a serial number will not necessarily provide any information on how to actually produce valid serial numbers.  If the serial numbers function as keys to decrypt a certain block of data, one is not going to be able to easily generate any new serial numbers; at the very least they are going to need some valid ones to start with.

So while the casual pirate may be able to download a keygen to generate a serial number for some program he doesn't feel like paying for and won't have any need of a serial database; for the cracker who programmed the keygen, the database of serials may serve as a valuable resource.

One thing that greatly helped the cracking of CSS was the fact that one of the licensees didn't do enough to secure their key; once it was extracted the team was able to generate the rest of the keys.  Had that not been the case it would have taken them considerably longer to crack, possibly with the bulk of the time taken up just by trying to find that first valid key.

Quote - I don't have Max 9,

It's version 9 now?, Damn!, I'm still with Max 3!!!!

Quote - Generating and verifying keys are two different things entirely.  Reverse engineering the code that checks the validity of a serial number will not necessarily provide any information on how to actually produce valid serial numbers.  If the serial numbers function as keys to decrypt a certain block of data, one is not going to be able to easily generate any new serial numbers; at the very least they are going to need some valid ones to start with.

I don't know how they do it, but it must be something easy to be done.
A key checking algorithm must produce a definite result, with the same key the result must be always yes or no, so the process must be reversible.
You can consider the problem of key verification as a block with some algorithm where you feed the key and gives a result yes or not valid key. As the program is burned in a CD and is the same for all the users all the elements needed for decrypt the key must be present in the algorithm block. (I assume verification made off line with no internet conection).
The algorithm you can obtain by reverse engineering, the result you know and it must be YES (a valid key), so it remain to find a valid key.
If you start at the end of the code that produce the afirmative result and track back in the reverse direction you must reach valid keys that produce always positive results.

Quote - A key checking algorithm must produce a definite result, with the same key the result must be always yes or no, so the process must be reversible.

Noooooooooooooo.

The whole basis of public key encryption is that the process of encrypting a message with a public key is easily done, while the reverse (decrypting it) is not, unless you have the private key.

Go to http://en.wikipedia.org/wiki/RSA for a detailed description of how RSA encryption works.  In a nutshell you have a public key pair (n, e) that is made public, and a private key d which you keep secret.  To send an encrypted message to you one would encrypt it with your public key, and you would use your private key to decrypt it and get the original message back.  An eavesdropper who didn't have your private key would not be able to easily decrypt it (it would likely take months or even years to crack it,, depending on the size of n, which is typically very, very large - over 100 digits is quite common).

On the other hand, if I manage to steal your private key, I can easily check to see if it is in fact your private key, by encrypting a message with your public key and then decrypting it with your (suspected) private key, and see if I get back the original message.

It may seem intuitive to believe that by reverse engineering the key-checking algorithm that one can then create a program to generate valid keys, but this is not necessarily the case (it actually is possible, given enough time.  However "enough time" could turn out to be months or even years of processing time on even the fastest computers).

Quote - Noooooooooooooo.

The whole basis of public key encryption is that the process of encrypting a message with a public key is easily done, while the reverse (decrypting it) is not, unless you have the private key

The reverse is not decrypting, is to follow the algorithm in the reverse direction..

Quote - It may seem intuitive to believe that by reverse engineering the key-checking algorithm that one can then create a program to generate valid keys, but this is not necessarily the case (it actually is possible, given enough time.  However "enough time" could turn out to be months or even years of processing time on even the fastest computers).

They believe that the existence of so huge number of possible combinations would make impossible to decrypt in "enough time", that's the failure of the system.
Decryption is based on the use of intelligence and not by use of brute force of trying all the possible combinations. Nobody that discovers a program key use a computer running for years to try all the possible combinations, even a year is too much time because the program will be obsolete and a newer version was released.
Keys are discovered by the use of intelligence, human intelligence and not stupid computer intelligence, and many can be discovered in less than an hour of human work looking at the code.

All the software encryption and protection is flawed, it is flawed because all the mathematical theories involved are used out of context and wrongly applied.
In first place most of the programmers that do the protection have no idea of what are doing and have no mathematical background to deal with advanced theories, they only pick an algorithm from some software library or take it from some book and then put it in the software.
Next comes the company managers that have no idea at all what are doing, they live in Hollywood! The result is a joke.

There's a huge difference in the use of encryption in serious applications as war times and the use in common software.
The purpouse of encrypting a message is to send it without the enemy know what it is. You encrypt the message with a key using some encryption algorithm, who decrypt the message use the same or other key using some decryption algorithm.
It can look to be the same but you soon will see that software protection use it out of context:
War/spy message
You send a crypted message, the key that you use has a very short life, you only use this key for only this message or very few messages. The next message you send will be with other key, you can't give enough time your enemy to decode the key and of course your next message will not be the same as the previous one.
The enemy when intercept your coded message put to work their team of brains and use all the spies information to decode your message.
In the decrypting process there don't exist a point where you can say that you discovered the key.
You can think that you decoded when the recovered message makes some sense, but you cannot be sure.
You can also reach a point when the recovered message have no meaning to you, you continue trying to decrypt it. You hit the right key but you ignored it because you wasn't able to understand the meaning of the message.
In resume, you never are sure if you discovered the key.
Software serial number
The key and the message are always exactly the same, it never change and continue to exist until the pass of time is able to destroy all the existent CD copies of this software. A ten year old software you always can open it with a ten year old key.
The war messages are different , "move the troops to place xxx", "target is at location xxx:yyy", "meet person xxx at place yyy"
The encrypted software messages are very simple and always the same: "the key is valid, you can proceed further with the installation"
You can be 100% sure when you found the right key and 100% sure when the key is wrong.
The message transmited can be resumed to YES or NO. Only one bit of message!!!!!
The enemy  or spy needs the message and a decrypting machine.
The message and all the elements needed to decode the message are present in the software..

I shall add how useless and flawed is the use of serial numbers for protecting a software.
You purchase some software and this software is locked, you need some serial number (a key) to unlock the software so it can proceed with the installation.
The key is has several letters/numbers and some are very long, so it create a great numbers of combinations that makes impossible to discover it trying all the possible combinations.
An analogy is your house's door, it has a keylock where you put your key and so you can enter your home. Your neighbour has also a door and a key, but his key only open his door and not yours and your key only open you door and not the neighbours.
So everybody has his property protected, but this analogy is flawed, software keys do not work in the same way!
Software key must have other requirment that makes the keys of practical no use.
The company that sells the software doesn't sell one software, it sells hundreds or thousands of copies of the same software.
The softwares are sold in CDs, also in DVD today, so the company needs to make a big number of CDs to be sold. The only way of making a large number of CDs is by means of a pressing machine, you cannot burn one by one thousands with a CD burned.
For making a pressed CD you need a matrix (a master CD) and the pressing machine will done thousands of exact copies of the matrix, so one sold CD is exactly the same as other sold CD.
You cannot make the key unique to a particular CD, making each CD with an unique key it will mean that one CD will not be equal to other CD and this will kill the pressing machine.
This can be done only burning one by one with a CD burner attached to a software generator and this is only possible for very small companies that sell very few CDs per month.
The result is that  all the thousands CDs pressed with the same matrix are exactly the same and all can be unlocked by the same key, you can only change the CD and its key when the matrix  end its life and you need to create a new matrix for another thousnads and thousands of CDs.
The analogy of your house door is destroyed, now you have a new and real analogy. Your door and yours neighbour door has exactly the same keylock, with your key you enter your home, your neighbour home, the police station and the jail, your neighbour does exactly the same.
You only cannot enter a house in another city if the keylocks used in this city were made by another matrix and it must have been different to the used in your city.

As all the softwares are the same and can be unlocked by the same key, a "public key", it doesn't give the feeling of protection, so it was created a particular key.
With each CD sold is attached a particular key somewhere, in the CD cover, in the manual or in some paper. Now you have your particulart key for your home and your neighbour has a particular key for his house.
But all is a great farse and joke, you can open your neighbour's door with your key and your neighbour enter your house using his own key!!!!
It were burned 10,000 CDs you have 10,000 particular keys and each one of this 10,000 particular key is able to unlock any of the 10,000 CDs, a big joke.
The only use of this particular key is for upgrades with a discount, the company will not give two upgrades for the same key, at leats this thing they can track.
Also you can have bad luck with the upgrade, you want to make the upgrade and you discover that you cannot do it because someone did it before you, in some way he discovered your key.
This is the only reason why you must never give your serial number to anyone.

Fascinating stuff kaweki (and Talain).

Out of curiosity...how does "Hard_Lock keys" (Dongle's) stack up against (compare too) mass produced keys made from a "Gold Master Disc"(Matrix), and those encryptions used by a war department? (Anyone see "Crimson Tide"?...."I Concur Captain")

For example...Let's say I took my Lightwave dongle over to my neighbors house, and removed his dongle, and inserted mine, would I be able to run his/her version of Lightwave? (Given it's running the same Sentinel Driver)

I would think that it wouldn't work because, to my understanding, the serial number code is directly "Tied" to a specific dongle number.

BTW...although I'm sure it would drive up software cost's, I think the "Dongle Approach" would be the most secure.(although I know a dongle can be faked with a software dongle that tricks the application into thinking a hard-lock key exists, I would think that it's gotta be harder to crack).

What do you think?

Interesting turn, this thread has taken.

Tom

BTW...One reason I ask is because...as I recall...when I got the "Ozone" plug-in for Lightwave...All that E-on Software needed from me was my Lightwave hard-lock key number.Then they sent me my "permanent" serial number for Ozone (that I assume was also specifically generated to be "tied" to my dongle number...and in turn...my copy of Lightwave).

BUT!!!
With my copy of "Ozone" for Cinema 4D...E-on asked for my C4D Core application serial number before sending me my permanent serial number for Ozone

If all software used dongles...Side-Grades, plug-in's,(Contests???) etc. would only require the hard-lock key number...not the serial number.

But man...one would need one hell of a USB Hub to accommodate all those dongles...lol

Tom