A software protection dongle (commonly known as a dongle or key) is an electronic

copy protection Copy protection, also known as content protection, copy prevention and copy restriction, is any measure to enforce copyright by preventing the reproduction of software, films, music, and other media. Copy protection is most commonly found on vid ...

and content protection device. When connected to a computer or other electronics, they unlock software functionality or decode content. The hardware key is programmed with a

product key A product key, also known as a software key, serial key or activation key, is a specific software-based key for a computer program. It certifies that the copy of the program is original. Product keys consist of a series of numbers and/or letters ...

or other cryptographic protection mechanism and functions via an electrical connector to an external bus of the computer or appliance. In software protection, dongles are two-interface security tokens with transient data flow with a pull communication that reads security data from the dongle. In the absence of these dongles, certain software may run only in a restricted mode, or not at all. In addition to software protection, dongles can enable functions in electronic devices, such as receiving and processing encoded video streams on television sets. Hasp4 lpt dongle

Etymology

The Merriam-Webster dictionary states that the "First known use of

dongle A dongle is a small piece of computer hardware that connects to a port on another device to provide it with additional functionality, or enable a pass-through to such a device that adds functionality. In computing, the term was initially synony ...

" was in 1981 and that the etymology was "perhaps nalteration of dangle." Parallel-Port-Dongle-Front

Dongles rapidly evolved into active devices that contained a serial transceiver (

UART A universal asynchronous receiver-transmitter (UART ) is a peripheral device for asynchronous serial communication in which the data format and transmission speeds are configurable. It sends data bits one by one, from the least significant to ...

) and even a

microprocessor A microprocessor is a computer processor (computing), processor for which the data processing logic and control is included on a single integrated circuit (IC), or a small number of ICs. The microprocessor contains the arithmetic, logic, a ...

to handle transactions with the host. Later versions adopted the

USB Universal Serial Bus (USB) is an industry standard, developed by USB Implementers Forum (USB-IF), for digital data transmission and power delivery between many types of electronics. It specifies the architecture, in particular the physical ...

interface, which became the preferred choice over the serial or parallel interface. A 1992 advertisement for Rainbow Technologies claimed the word dongle was derived from the name "Don Gall". Though untrue, this has given rise to an

urban myth Urban legend (sometimes modern legend, urban myth, or simply legend) is a genre of folklore concerning stories about an unusual (usually scary) or humorous event that many people believe to be true but largely are not. These legends can be e ...

Usage

Efforts to introduce dongle copy-protection in the mainstream software market have met stiff resistance from users. Such copy-protection is more typically used with very expensive packages and

vertical market A vertical market is a market in which vendors offer goods and services ''specific'' to an industry, trade, profession A profession is a field of Work (human activity), work that has been successfully professionalized. It can be defined a ...

software such as CAD/

CAM Cam or CAM may refer to: Science and technology * Cam (mechanism), a mechanical linkage which translates motion * Camshaft, a shaft with a cam * Camera or webcam, a device that records images or video In computing * Computer-aided manufacturin ...

software, cellphone flasher/JTAG debugger software,

MICROS Systems Micros Systems, Inc. was an American computer company who manufactured hardware and developed software and services for the restaurant point of sale, hotel, hospitality, sports and entertainment venues, casinos, cruise lines, specialty retail ma ...

hospitality and special retail software,

digital audio workstation A digital audio workstation (DAW ) is an electronic device or application software used for Sound recording and reproduction, recording, editing and producing audio files. DAWs come in a wide variety of configurations from a single software pr ...

applications, and some

translation memory A translation memory (TM) is a database that stores "segments", which can be sentences, paragraphs or sentence-like units (headings, titles or elements in a list) that have previously been translated, in order to aid human translators. The trans ...

packages. In cases such as prepress and printing software, the dongle is encoded with a specific, per-user license key, which enables particular features in the target application. This is a form of tightly controlled licensing, which allows the vendor to engage in vendor lock-in and charge more than it would otherwise for the product. An example is the way

Kodak The Eastman Kodak Company, referred to simply as Kodak (), is an American public company that produces various products related to its historic basis in film photography. The company is headquartered in Rochester, New York, and is incorporated i ...

licenses Prinergy to customers: When a

computer-to-plate Computer-to-plate (CTP) is an Reprography, imaging technology used in modern printing processes. In this technology, an image created in a desktop publishing (DTP) application is output directly to a lithography, printing plate. This compares wi ...

output device is sold to a customer, Prinergy's own license cost is provided separately to the customer, and the base price contains little more than the required licenses to output work to the device. USB dongles are also a big part of

Steinberg Steinberg Media Technologies GmbH (trading as Steinberg; ) is a German musical software and hardware company based in Hamburg. It develops software for writing, recording, arranging and editing music, most notably Cubase, Nuendo, and Dorico. It ...

's audio production and editing systems, such as

Cubase Cubase is a digital audio workstation (DAW) developed by Steinberg for music and MIDI recording, arranging and editing. The first version, which was originally only a MIDI sequencer and ran on the Atari ST computer, was released in 1989. Cut-do ...

, WaveLab, Hypersonic, HALion, and others. The dongle used by Steinberg's products is also known as a Steinberg Key. The Steinberg Key can be purchased separately from its counterpart applications and generally comes bundled with the "Syncrosoft License Control Center" application, which is cross-platform compatible with both Mac OS X and Windows. Some software developers use traditional USB flash drives as software license dongles that contain hardware serial numbers in conjunction with the stored device ID strings, which are generally not easily changed by an end-user. A developer can also use the dongle to store user settings or even a complete "portable" version of the application. Not all flash drives are suitable for this use, as not all manufacturers install unique serial numbers into their devices. Although such medium security may deter a casual hacker, the lack of a processor core in the dongle to authenticate data, perform encryption/decryption, and execute inaccessible binary code makes such a passive dongle inappropriate for all but the lowest-priced software. A simpler and even less secure option is to use unpartitioned or unallocated storage in the dongle to store license data. Common USB flash drives are relatively inexpensive compared to dedicated security dongle devices, but reading and storing data in a flash drive are easy to intercept, alter, and bypass.

Issues

There are potential weaknesses in the implementation of the protocol between the dongle and the copy-controlled software. For example, a simple implementation might define a function to check for the dongle's presence, returning "true" or "false" accordingly, but the dongle requirement can be easily circumvented by modifying the software to always answer "true". Modern dongles include built-in strong encryption and use fabrication techniques designed to thwart

reverse engineering Reverse engineering (also known as backwards engineering or back engineering) is a process or method through which one attempts to understand through deductive reasoning how a previously made device, process, system, or piece of software accompl ...

. Typical dongles also now contain

non-volatile memory Non-volatile memory (NVM) or non-volatile storage is a type of computer memory that can retain stored information even after power is removed. In contrast, volatile memory needs constant power in order to retain data. Non-volatile memory typ ...

— essential parts of the software may actually be stored and executed on the dongle. Thus dongles have become

secure cryptoprocessor A secure cryptoprocessor is a dedicated computer-on-a-chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance. Unlike cryp ...

s that execute program instructions that may be input to the cryptoprocessor only in encrypted form. The original secure cryptoprocessor was designed for copy protection of personal computer software (see US Patent 4,168,396, Sept 18, 1979)US Patent 4,168,396
/ref> to provide more security than dongles could then provide. See also bus encryption. Hardware cloning, where the dongle is emulated by a device driver, is also a threat to traditional dongles. To thwart this, some dongle vendors adopted smart card product, which is widely used in extremely rigid security requirement environments such as military and banking, in their dongle products. A more innovative modern dongle is designed with a code porting process which transfers encrypted parts of the software vendor's program code or license enforcement into a secure hardware environment (such as in a smart card OS, mentioned above). An ISV can port thousands of lines of important

computer program A computer program is a sequence or set of instructions in a programming language for a computer to Execution (computing), execute. It is one component of software, which also includes software documentation, documentation and other intangibl ...

code into the dongle. In addition, dongles have been criticized because as they are hardware, they are easily lost and prone to damage, potentially increasing operational costs such as device cost and delivery cost.

Jerry Pournelle Jerry Eugene Pournelle (; August 7, 1933 – September 8, 2017) was an American scientist in the area of operations research and ergonomics, human factors research, a science fiction writer, essayist, journalist, and one of the first bloggers. ...

in 1988 identified another problem with dongles: A possible security flaw. "I don't know what the thing is doing ... For all I know, the gizmo may infect my machine with a

virus A virus is a submicroscopic infectious agent that replicates only inside the living Cell (biology), cells of an organism. Viruses infect all life forms, from animals and plants to microorganisms, including bacteria and archaea. Viruses are ...

Game consoles

Some unlicensed titles for

game console A video game console is an electronic device that outputs a video signal or image to display a video game that can typically be played with a game controller. These may be home consoles, which are generally placed in a permanent location conne ...

s (such as '' Super 3D Noah's Ark'' or '' Little Red Hood'') used dongles to connect to officially licensed

ROM cartridge A ROM cartridge, usually referred to in context simply as a cartridge, cart, cassette, or card, is a replaceable part designed to be connected to a consumer electronics device such as a home computer, video game console or, to a lesser extent, ...

s, in order to circumvent the authentication chip embedded in the console. Some

cheat code Cheating in video games involves a video game player using various methods to create an advantage beyond normal gameplay, usually in order to make the game easier. Cheats may be activated from within the game itself (a cheat code implemented by ...

devices, such as the

GameShark GameShark is the brand name of a line of video game cheat cartridges and other products for a variety of console video game systems and Windows-based computers. Since January 23, 2003, the brand name has been owned by Mad Catz, which marketed G ...

and

Action Replay Action Replay is the brand name of a cheating device (such as cheat cartridges) created by Datel. The Action Replay is available for many computer and gaming systems including Commodore 64, Amiga, IBM PC, Nintendo DS, Nintendo DSi, Nintendo ...

use a dongle. Typically it attaches to the memory card slot of the system, with the disc based software refusing to work if the dongle is not detected. The dongle is also used for holding settings and storage of new codes, added either by the user or through official updates, because the disc, being read only, cannot store them. Some dongles will also double as normal memory cards.

References

External links

Jargon File: dongle
{{DEFAULTSORT:Dongle, software protection Copyright infringement of software Copy protection Digital rights management Proprietary hardware Software licensing Warez