USB Serial Number

Rectal_Exam-bot · July 8, 2009, 4:37pm

Here is what I was thinking: How would somebody go about making a hardware key if they were so inclined? I have an idea that would involve a USB flash drive but couldn’t see a way to keep just anybody from duplicating it by copying it’s contents on to a different USB drive, until I saw the following in the Disk Utility -

It seems like I could use the Disk Description, Connection Bus, and USB Serial Number to confirm the identity of the hardware key but apparently you can’t script Disk Utility. Info For only gives me the following -

[b]name:“USB Backup”, creation date:date “Wednesday, April 29, 2009 02:38:26 PM”, modification date:date “Thursday, July 02, 2009 12:45:07 AM”, size:missing value, folder:true, alias:false, package folder:false, visible:true, extension hidden:false, name extension:missing value, displayed name:“USB Backup”, default application:alias “Macintosh HD:System:Library:CoreServices:Finder.app:”, kind:“Volume”, folder window:{0, 0, 0, 0}, file type:"

StefanK · July 8, 2009, 5:01pm

Hi,

you can get the disk information by parsing the System Profiler

do shell script "system_profiler SPUSBDataType"

Rectal_Exam-bot · July 8, 2009, 5:19pm

Thanks Stefan. I just knew the answer was going to be a shell script, guess I need to quit dragging my feet and learn shell scripting too.


set lTest to (do shell script "system_profiler SPUSBDataType") as text

if lTest contains "Product ID: 0x1607" and lTest contains "Vendor ID: 0x0951" and lTest contains "Serial Number: 001000000000000000000279" then
	display dialog "Found!"
	
else
	display dialog "Not found."
end if

Works great. As an observation I noticed that it is detected whether the drive is mounted or not just so long as it is attached. Again, thanks for the starting point.

CalvinFold · July 8, 2009, 11:34pm

If I understand this right, you just created a poor-man’s, DIY dongle?

How “secure” is this in reality, for the picky among us?
(I’m sure it’s “secure enough” for most folks, I’m just curious how secure that really is.)

Rectal_Exam-bot · July 9, 2009, 7:34am

No idea at all. I guess it depends on how motivated someone is to bypass it, all I know is - nothing is completely secure. I just thought it might be worth looking at as an exercise, I had a 3D software from my Amiga 500 days that used a serial dongle, and it seemed pretty effective.

CalvinFold · July 9, 2009, 3:12pm

Oh lots of software still use dongles…one category I know is high-end printer RIP software. EFI and Onyx both use dongles.

Was just curious. Yeah, nothing is completely secure. I did my share of such activities as a teen, and never underestimate hackers, crackers, or even semi-clever script kiddies. Fact is, I get a laugh out of “adults” who dismiss the abilities of hackers…to their own folly. We should all be glad most of the folks capable of such deeds either don’t, or only do it for the challenge and not for outright malicious reasons. Otherwise, such geeks could probably bring the world to it’s knees.