Jump to content
OMRON Forums

Unique Card ID


daves

Recommended Posts

Is there a code-accessible globally unique ID for each CPU card?

 

We have customers with multiple systems with differing specifications (i.e. they have paid for advanced features on one system). We want to prevent cloning of the better system. Hiding a file / MAC addresses can be cloned.

 

Do we have to buy USB dongles (we would rather not)? Do you recommend one? (I am tempted by a UniKey STD)...

Link to comment
Share on other sites

  • Replies 10
  • Created
  • Last Reply

Top Posters In This Topic

Sorry Steve, I was talking about connecting a PC directly to the daughterboard USB socket which mounts it as a drive, running WinImage to backup one PPMAC to VHD and restore to another. It is the same approach you use to repair a bricked card (and maybe even when you commission a new card) or put your non-video image on a card.

 

Also the direct USB connection bypasses the need for root login to examine the filesystem and edit files on it as a removable drive.

 

I have pointed out this security flaw before.

Link to comment
Share on other sites

daves:

 

How about reading the hardware MAC address and hashing it to generate a unique ID, in combination with encrypting the filesystem?

 

You will also need to create a script to delete the /.readonly/etc/udev/rules.d/70-persistent-net.rules file on powerup. If this file isn't found, the kernel will automatically read the MAC address(es) from hardware instead of from disk next time it boots.

 

Then if they clone the filesystem to a different card it will generate different MAC addresses, which will hash to different ID numbers. Because the filesystem is encrypted they won't be able to change the MAC addresses.

Link to comment
Share on other sites

Thanks for the replies.

 

shansen: That sounds like an interesting idea. If we had more resources I would look into it. Not sure about encrypting the filesystem (how to do it or what it might affect...)

 

I think the risk of our customers actually bothering to "crack" our systems is very small so we are looking for a minimal effort solution. We have experience of dongles and the UniKey one seems to have linux driverless ability to get a HID or SoftID (plus other features we may find useful in future). I'm going to evaluate it.

Link to comment
Share on other sites

  • 2 weeks later...

So, I examined firmware 2.1.0.39 and see the addition of libSecureDongle. This seems to be exactly what I was asking about! Is there going to be a DT supported dongle option?

 

Should I hold off on investigating UniKey? I have some on order and to be honest we like the nano size they offer (can't see that on SecureDongle)...

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.

×
×
  • Create New...