imported>Notdexterslab: Reference edited with ProveIt #proveit Adding/improving reference(s)

2025-11-13T02:23:40Z

Reference edited with ProveIt #proveit Adding/improving reference(s)

New page

{{Short description|Electronic software copy protection device}}
{{more citations needed|date=March 2008}}

A '''software protection dongle''' (commonly known as a '''dongle''' or '''key''') is an electronic [[copy protection]] and content protection device. When connected to a computer or other electronics, they unlock software functionality or decode [[Content (media)|content]].<ref>{{cite book |last1=Amos |first1=S. W. |url=https://archive.org/details/newnesdictionary0000amos_o3q0 |title=Newnes Dictionary of Electronics |last2=Amos |first2=Roger S. |publisher=[[Newnes Press]] |year=2002 |isbn=0750643315 |edition=4th |page=[https://archive.org/details/newnesdictionary0000amos_o3q0/page/152 152] |oclc=144646016 |url-access=registration |accessdate=4 July 2013}}</ref> The hardware key is programmed with a [[product key]] or other cryptographic protection mechanism and functions via an electrical connector to an [[external bus]] of the computer or appliance.<ref>{{cite book |last=Stobbs |first=Gregory A. |url=https://books.google.com/books?id=Rn1vZWqSuNYC&pg=SA2-PA90 |title=Software Patents |publisher=[[Wolters Kluwer]] |year=2012 |isbn=9781454811978 |edition=Third |pages=2–90 |oclc=802867781 |accessdate=4 July 2013}}</ref>

In software protection, dongles are two-interface security tokens with transient data flow with a pull{{clarify|date=January 2021}} communication that reads security data from the dongle. In the absence of these dongles, certain software may run only in a restricted mode, or not at all. In addition to software protection, dongles can enable functions in electronic devices, such as receiving and processing encoded video streams on television sets.
[[File:Hasp4 lpt dongle.jpg|thumb|HASP (Hardware Against Software Piracy) key dongle for LPT port]]

==Etymology==
The Merriam-Webster dictionary states that the "First known use of [[dongle]]" was in 1981 and that the etymology was "perhaps [an] alteration of dangle."<ref>{{cite web |title=Dongle |url=https://www.merriam-webster.com/dictionary/dongle |url-status=live |archive-url=http://web.archive.org/web/20251002030019/https://www.merriam-webster.com/dictionary/dongle |archive-date=2025-10-02 |accessdate=11 June 2019 |publisher=Merriam-Webster}}</ref>

[[File:Parallel-Port-Dongle-Front.jpg|thumb|A Rainbow Tech parallel port dongle PCB, front side. Note the numbers rubbed off the chips to make reverse engineering harder.]]

[[File:Parallel-Port-Dongle-Back.jpg|thumb|A Rainbow Tech parallel port dongle PCB, back side]]

Dongles rapidly evolved into active devices that contained a serial transceiver ([[Universal asynchronous receiver/transmitter|UART]]) and even a [[microprocessor]] to handle transactions with the host. Later versions adopted the [[Universal Serial Bus|USB]] interface, which became the preferred choice over the [[serial port|serial]] or parallel interface.{{Citation needed|date=June 2021}}

A 1992 advertisement for [[Rainbow Technologies]] claimed the word dongle was derived from the name "Don Gall". Though untrue, this has given rise to an [[urban myth]].<ref>{{Cite magazine |last=Rainbow Technologies |date=August 1992 |title=Why do they call it a dongle? |url=https://archive.org/details/byte-magazine-1992-08/page/n147/mode/2up |access-date=12 November 2025 |magazine=Byte Magazine |page=133 |language=English |volume=17 |issue=8}}</ref>

== Usage ==
[[Image:Parallel-port-dongle.jpg|thumb|[[Daisy chain (electrical engineering)|Daisy-chained]] parallel port copy protection dongles.]]
Efforts to introduce dongle copy-protection in the mainstream software market have met stiff resistance from users. Such copy-protection is more typically used with very expensive packages and [[vertical market]] software such as [[Computer-aided design|CAD]]/[[Computer-aided manufacturing|CAM]] software, [[JTAG|cellphone flasher/JTAG debugger software]], [[MICROS Systems]] hospitality and special retail software, [[digital audio workstation]] applications, and some [[translation memory]] packages.

In cases such as prepress and printing software, the dongle is encoded with a specific, per-user license key, which enables particular features in the target application. This is a form of tightly controlled licensing, which allows the vendor to engage in vendor lock-in and charge more than it would otherwise for the product. An example is the way [[Kodak]] licenses [[Prinergy]] to customers: When a [[Computer to plate|computer-to-plate]] output device is sold to a customer, Prinergy's own license cost is provided separately to the customer, and the base price contains little more than the required licenses to output work to the device.

USB dongles are also a big part of [[Steinberg]]'s audio production and editing systems, such as [[Steinberg Cubase|Cubase]], WaveLab, Hypersonic, [[HALion]], and others. The dongle used by Steinberg's products is also known as a Steinberg Key. The Steinberg Key can be purchased separately from its counterpart applications and generally comes bundled with the "Syncrosoft License Control Center" application, which is cross-platform compatible with both Mac OS X and Windows.

Some software developers use traditional USB flash drives as software license dongles that contain hardware serial numbers in conjunction with the stored device ID strings, which are generally not easily changed by an end-user. A developer can also use the dongle to store user settings or even a complete "portable" version of the application. Not all flash drives are suitable for this use, as not all manufacturers install unique serial numbers into their devices.

Although such medium security may deter a casual hacker, the lack of a processor core in the dongle to authenticate data, perform encryption/decryption, and execute inaccessible binary code makes such a passive dongle inappropriate for all but the lowest-priced software. A simpler and even less secure option is to use unpartitioned or unallocated storage in the dongle to store license data. Common USB flash drives are relatively inexpensive compared to dedicated security dongle devices, but reading and storing data in a flash drive are easy to intercept, alter, and bypass.

===Issues===
There are potential weaknesses in the implementation of the protocol between the dongle and the copy-controlled software. For example, a simple implementation might define a [[subprogram|function]] to check for the dongle's presence, returning "true" or "false" accordingly, but the dongle requirement can be easily circumvented by modifying the software to always answer "true".

Modern dongles include built-in strong encryption and use fabrication techniques designed to thwart [[reverse engineering]]. Typical dongles also now contain [[non-volatile storage|non-volatile memory]] — essential parts of the software may actually be stored and executed on the dongle. Thus dongles have become [[secure cryptoprocessor]]s that execute program instructions that may be input to the cryptoprocessor only in encrypted form. The original secure cryptoprocessor was designed for copy protection of personal computer software (see US Patent 4,168,396, Sept 18, 1979)<ref>{{Cite web |last=Best |first=Robert M. |orig-date=1977-10-31 |title=US4168396A: Microprocessor for executing enciphered programs |url=https://patents.google.com/patent/US4168396 |url-status=live}}</ref>to provide more security than dongles could then provide. See also [[bus encryption]].

Hardware cloning, where the dongle is emulated by a device driver, is also a threat to traditional dongles. To thwart this, some dongle vendors adopted [[smart card product]], which is widely used in extremely rigid security requirement environments such as military and banking, in their dongle products.

A more innovative modern dongle is designed with a [[code porting]] process which transfers encrypted parts of the software vendor's program code or license enforcement into a secure hardware environment (such as in a smart card OS, mentioned above). An [[Independent software vendor|ISV]] can port thousands of lines of important [[computer program]] code into the dongle.{{citation needed|date=December 2012}}

In addition, dongles have been criticized because as they are [[Computer hardware|hardware]], they are easily lost and prone to damage, potentially increasing operational costs such as device cost and delivery cost.

[[Jerry Pournelle]] in 1988 identified another problem with dongles: A possible security flaw. "I don't know what the thing is doing ... For all I know, the gizmo may infect my machine with a [[computer virus|virus]]".<ref name="pournelle198807">{{Cite magazine |last=Pournelle |first=Jerry |date=July 1988 |title=Dr. Pournelle vs. The Virus |url=https://archive.org/details/byte-1988-07_202104/page/197/mode/1up?view=theater |access-date=2025-04-12 |magazine=BYTE |pages=197-207}}</ref>

==Game consoles==
Some unlicensed titles for [[game console]]s (such as ''[[Super 3D Noah's Ark]]'' or ''[[Little Red Hood]]'') used dongles to connect to officially licensed [[ROM cartridge]]s, in order to circumvent the authentication chip embedded in the console.{{citation needed|date=March 2012}}

Some [[cheat code]] devices, such as the [[GameShark]] and [[Action Replay]] use a dongle. Typically it attaches to the memory card slot of the system, with the disc based software refusing to work if the dongle is not detected. The dongle is also used for holding settings and storage of new codes, added either by the user or through official updates, because the disc, being read only, cannot store them. Some dongles will also double as normal memory cards.{{citation needed|date=March 2012}}

==Further reading==
* {{Cite journal |last=Jozwiak |first=Ireneusz J. |last2=Marczak |first2=Krzysztof |date=2007 |title=A Hardware-Based Software Protection Systems - Analysis of Security Dongles with Time Meters |url=https://ieeexplore.ieee.org/document/4272917/ |journal=2nd International Conference on Dependability of Computer Systems (DepCoS-RELCOMEX '07) |publisher=[[IEEE]] |pages=254–261 |doi=10.1109/DEPCOS-RELCOMEX.2007.6 |isbn=0-7695-2850-3 |url-access=subscription |access-date=2025-11-12 |via=IEEEXplore}}
* {{Cite journal |last=Piazzalunga |first=Ugo |last2=Salvaneschi |first2=Paolo |last3=Balducci |first3=Francesco |last4=Jacomuzzi |first4=Pablo |last5=Moroncelli |first5=Cristiano |date=2007 |title=Security Strength Measurement for Dongle-Protected Software |url=https://ieeexplore.ieee.org/document/4402444/ |journal=IEEE Security & Privacy |volume=5 |issue=6 |pages=32–40 |doi=10.1109/MSP.2007.176 |issn=1558-4046 |url-access=subscription}}
* {{Cite conference |last=Wang |first=Ruoyu |last2=Shoshitaishvili |first2=Yan |last3=Kruegel |first3=Christopher |last4=Vigna |first4=Giovanni |date=2013 |title=Steal This Movie: Automatically Bypassing {DRM} Protection in Streaming Media Services |url=https://www.usenix.org/conference/usenixsecurity13/technical-sessions/paper/wang_ruoyu |conference=22nd USENIX Security Symposium |language=en |pages=687–702 |isbn=978-1-931971-03-4 |via=usenix.org}}

==See also==
* [[Digital rights management]]
* [[License manager]]
* [[Lock-out chip]]
* [[Product activation]]
* [[Security token]]
* [[Trusted client]]
* [[Software monetization]]

==References==
{{Reflist}}

==External links==
* [http://www.catb.org/~esr/jargon/html/D/dongle.html Jargon File: dongle]

{{Software distribution}}
{{Authority control}}

{{DEFAULTSORT:Dongle, software protection}}
[[Category:Copyright infringement of software]]
[[Category:Copy protection]]
[[Category:Digital rights management]]
[[Category:Proprietary hardware]]
[[Category:Software licensing]]
[[Category:Warez]]

Software protection dongle - Revision history

imported>Notdexterslab: Reference edited with ProveIt #proveit Adding/improving reference(s)