Welcome to EDAboard.com

Welcome to our site! EDAboard.com is an international Electronic Discussion Forum focused on EDA software, circuits, schematics, books, theory, papers, asic, pld, 8051, DSP, Network, RF, Analog Design, PCB, Service Manuals... and a whole lot more! To participate you need to register. Registration is free. Click here to register now.

Register Log in

Spy program in EDA tools?

Status
Not open for further replies.

duffrose

Junior Member level 1
Joined
Jun 21, 2001
Messages
17
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,281
Location
EARTH
Activity points
85
Hi:
Do you have ever heard EDA company like "C-a-d-e-n-c-e" or "S-y-n-o-p-s-y-s" or "M-e-n-t-o-r" put spy program in EDA tools, and spy program can send package back to their company including all informations when you use it? If it is true like "M-i-c-r-o-s-o-f-t" done in winxx series. It is so terrible.
 

corgan

Member level 3
Joined
Jan 15, 2002
Messages
55
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,286
Activity points
319
Yes,I am not sure it's true or not, but I have ever heard a story about that.
A man were doing his design in home with the
illegle EDA tools, suddenly, he got a phone
call from synopsys, and told him that he's
using the illegle license. Some hours after,
police came,and put him in jail.

On 2002-05-02 12:19, duffrose wrote:
Hi:
Do you have ever heard EDA company like "C-a-d-e-n-c-e" or "S-y-n-o-p-s-y-s" or "M-e-n-t-o-r" put spy program in EDA tools, and spy program can send package back to their company including all informations when you use it? If it is true like "M-i-c-r-o-s-o-f-t" done in winxx series. It is so terrible.
 

duffrose

Junior Member level 1
Joined
Jun 21, 2001
Messages
17
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,281
Location
EARTH
Activity points
85
How to prevent this? No internet connecting with machines you use for EDA, but we still have no answer how does EDA company do it? Or how to stop spy program? That is diffcult but interesting for h@cker at least. I am not a h@cker, still want to know the answer. And I think that collect data from user in that way is illegal.
 

dsp_

Member level 3
Joined
Mar 2, 2002
Messages
58
Helped
3
Reputation
6
Reaction score
0
Trophy points
1,286
Location
right here ... right now ...
Activity points
525
Just use any of these personal firewall will do it..
try tiny personal firewall from http://www.tinysoftware.com
or
zonealarm from
http://www.zonealarm.com
i prefer tiny's fw. there are much more but these are the most popular.

it gives you the control about which program gain access to the (inter)net.

So if the programm wants to access to the net while you are working and you know there's no automatical-update function, then somethinge strage goes on.
I don't know how far the EDA programs need access to the net for authentication matters, but the access is also restricable per IP addresses.

HTH
dsp_
 

E

erickki

Guest
I downloaded once an eval.-version program. This program (I don't remember what it was) required lic. or serial. It was sent to me by email. There was info the program requided, but there was also same info when I use 'ipconfig /all'-command. I had NIS in my computer, but it didn't work in this case. Can we trust these soft.firewalls or firewalls at all? The best way is take the cable out off the wall.
 

pardal

Member level 5
Joined
Dec 29, 2001
Messages
81
Helped
4
Reputation
8
Reaction score
2
Trophy points
1,288
Activity points
587
There are many stories like that and it hard to make our mind in which to beleave. For the interested ones look at grc.com and search for spywares in w*w.searchlores.org.
Anyway install ZoneAlarm (windows users) and I'll promise that you will be surprized by the number of apps that try to connect somewhere without your knowledge. Even filemanger ocasionaly tryies to do it (why, where?).
 

jetmarc

Member level 3
Joined
Dec 17, 2001
Messages
54
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,286
Activity points
1,235
Do you have ever heard EDA company like "C-a-d-e-n-c-e" or "S-y-n-o-p-s-y-s" or "M-e-n-t-o-r" put spy program in EDA tools, and spy program can send package back to their company including all informations when you use it? If it is true like "M-i-c-r-o-s-o-f-t" done in winxx series. It is so terrible.
CADS*FT was known to have something like this in their E*GLE PCB. They worked with a PCB house and sent p*lice to those people who gave board files made with i*legal E*GLE. However, this is not exactly okay with german laws, so I think they stopped doing so since a while.

jetmarc
 

Cluricaun

Advanced Member level 2
Joined
Sep 28, 2001
Messages
627
Helped
17
Reputation
34
Reaction score
7
Trophy points
1,298
Activity points
3,315
Hi

I use NIS and it works and gives a warning message everytime a program wants to access the internet or using any of the ports. One reason if it do not work can be that the "allow automatic configuration" is checked, if you by mistake allow the program to access the ports then NIS give access to all ports and communications to the internet for this program. If you are unsecure control each programs settings in "Personal Firewall - Internet Access control". Zonealarm and tinyfirewall are both very nice FW and at least zonealarm is much easier to configure, if you do not use any today you better start. Perhaps you can try Adaware I do not know if it detects EDA SW accessing the internet.
 

TheMick

Junior Member level 1
Joined
Feb 9, 2002
Messages
17
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,281
Location
Australia
Activity points
66
I use zone alarm, programs that use flexlm licenses may need access to the TCP/IP stack for license (even illegal ones) checkout.
Zone Alarm allows you to enable this and still keep them away from "The Internet at large", and it is true MS programs access remote sites for some reason, though stopping them does not appear to cause problems. ALSO do not allow automatic email updates. Always check the out mail queue even just to delete receipt confirmations from wankers using Outlook.. I hate it..
 

duffrose

Junior Member level 1
Joined
Jun 21, 2001
Messages
17
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,281
Location
EARTH
Activity points
85
What I am afraid is when the flexlm access TCP/IP stack for license checkout, meanwhile, it sent packeage to somewhere of internet which we don`t know. Or you use PC to access workstation, there is a small program inside EDA tool will put some code into your PC and wait to send package to where they want to. To tell them you are using EDA tool. They can trace-back by packages if they want to. Is it possible?
 

zhoury

Junior Member level 3
Joined
Apr 25, 2002
Messages
26
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,281
Activity points
172
The best way to avoid is to seperate two sub network and unplug the netwrok cable.
 

RegUser_2

Full Member level 2
Joined
Dec 24, 2001
Messages
125
Helped
11
Reputation
22
Reaction score
9
Trophy points
1,298
Activity points
1,507
I have Zonealarm running, and it does intercept some stuff.

The problem here is, that some programs (like the Mentorg's FpgaAdv) need
server privileges to operate at all, and this means for the firewall to give them this access.
 

rknem

Newbie level 1
Joined
Jan 17, 2002
Messages
1
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,281
Activity points
8
RegUser_2 said:
The problem here is, that some programs (like the Mentorg's FpgaAdv) need
server privileges to operate at all, and this means for the firewall to give them this access.
I think these programs only need local/LAN server rights. You can set these separely form internet server rights in ZoneAlarm Pro.
 

sigint

Full Member level 6
Joined
Dec 31, 1999
Messages
360
Helped
22
Reputation
44
Reaction score
7
Trophy points
1,298
Location
State of total unemployment
Activity points
1,667
I think you guys are probably being a little too paranoid,

IMHO, and I do talk to EDA vendors and read their magazines.

If you use the software only for personal education, or even if you use it for an occaisional side job or for work started at your workplace that needs to be completed at home. You have nothing to worry about, and even if the EDA company finds out you are using the software and they don't want you to - no policemen will show up at your door. That is not how it works.

EDA companies are in business to make money, and they will only go after the guys that they can sue for lots of money, having a large audience able to use their software and then recommend it's purchase at work is a definite advantage, if you think about it having illegal copies available is kind of like free advertisement.

You probably have a problem if:

1. You have a business that regularly profits from the use of the software.
2. You are distributing the software along with the illegal license.

I would bet that most if you checked most cop's computers, they have tons of unlicensed softs.

SiGiNT
 

huahua

Member level 2
Joined
Sep 21, 2002
Messages
42
Helped
1
Reputation
2
Reaction score
1
Trophy points
1,288
Activity points
263
If you do auto update, info about your computer is corrected. Most of time they use the info for marketing.

I have friends at big EDA cos using cracled software all time. They just dont use the software at work. They dnot seem to be worried.
 

harkonnen

Member level 4
Joined
Apr 14, 2002
Messages
69
Helped
1
Reputation
2
Reaction score
1
Trophy points
1,288
Activity points
678
I think the people here use the software for educational reasons.

The EDA companies should actually benefit from that. It spreads the word of good software.

Many check out software at home and then ask at work to buy it for real design work. Thus, the EDA companies actually make money.
 

okguy

Full Member level 6
Joined
Mar 1, 2002
Messages
360
Helped
15
Reputation
30
Reaction score
9
Trophy points
1,298
Location
China
Activity points
2,647
Nassda use it ! They did not sue me, but came to sell me their software.

Advice : don't run nass.d if you don't need it.
 

flatulent

Advanced Member level 5
Joined
Jul 19, 2002
Messages
4,629
Helped
489
Reputation
980
Reaction score
150
Trophy points
1,343
Location
Middle Earth
Activity points
46,689
two methods

There are two things they can do. The simple thing is to send a message to the company. Your IP address will be there and they can trace you from that.

The other way involves the information about you that you filled in when the system was installed. Do you notice that when new programs are loaded some show your name and other information already filled in?

There are several software firewall programs that will check for programs sending messages and stop them and ask you if you give permission for this.

Could someone with detailed knowledge of operating systems post the file name that contains this information so that privacy minded people can fill in what they want now they know what it can be used for?

[added thing: The information you fill in when you load the program can also be sent. I always fill in realistic but false information whenever the receiver has no real need for the right information.]
 

Status
Not open for further replies.

Part and Inventory Search

Welcome to EDABoard.com

Sponsor

Top