Bad choice to use USB key id for license..


Recommended Posts

An intriguing idea for a read-only capability for all drives without a key.  Technically you have that already since each drive is independently readable, but from a simplicity and customer service POV that is not a horrible idea.  It certainly would make transfering data to a new server much easier, and would make the time waiting for a replacement key much more tolerable.

 

Hopefully Tom is watching this thread, and hasn't already considered and discounted the idea fo reasons unknown.

 

I have to ask: what are these cheap usb flashes you are buying that are failing in droves?  Seriously, there are good ones out there.  Look into an SLC based flash if you demand endurance and long term data stability.  A simple google search for "slc usb flash" is a great place to start.

 

 

Link to comment
  • Replies 99
  • Created
  • Last Reply

Top Posters In This Topic

 

The real world MTBF of a mechanical drive that does stuff is terrible compared to a quality USB thumb that basically does nothing.

 

I've had dozens of hard disks fail on me too, but I would have had 90% of thumb drives fail at some point, which is worse.. I pretty much hate thumb drives, and would never put anything critical on them.

 

 

How many of these failed thumb drives were used in the very specific way unRAID does minimizing the use of writes to almost zero. I propose that most of the bad sentiment people have to thumb drive is because whilst, yes they do break, most do because of they are used.

 

I am not saying they are more reliable than HDD, they simply are not by any stretch, but they have no moving parts and if used in the right way can last a very long time indeed.

 

I am not a huge fan of the unRAID licensing technique but it is a pretty secure and easy to implement one and for want of something better what we have works pretty well i would say.

Link to comment
I am not a huge fan of the unRAID licensing technique but it is a pretty secure and easy to implement one and for want of something better what we have works pretty well i would say.

I like it better than others schemes that lock you to a specific MB/CPU/other devices.  unRAID can be moved to almost any computer at will.  I don't have to contact Tom when I want to move my unRAID system to a new PC with the current scheme.
Link to comment

Definitely agree. OEM magic mystery locked to some random hardware is a nonsense.

 

Dont get me wrong the only thing I dont like about the unRAID scheme is that it is tied to hardware that can break. But I would say that is an acceptable small evil.

 

I am prepared to bet a good percentage of failed USBs is because people are using them for stuff as well e.g plugin data

 

Ideally the license key would be mounted RO by default but people would just bypass this.

Link to comment

Definitely agree. OEM magic mystery locked to some random hardware is a nonsense.

 

Dont get me wrong the only thing I dont like about the unRAID scheme is that it is tied to hardware that can break. But I would say that is an acceptable small evil.

 

I am prepared to bet a good percentage of failed USBs is because people are using them for stuff as well e.g plugin data

 

Ideally the license key would be mounted RO by default but people would just bypass this.

Sounds great to me.  A flash limited to RO would last a very long time.  Especially if NOTHING but the GUID was read from it even when booting.
Link to comment

I would put Licensing VERY LOW on the list of concerns for most unRAID customers and dongles are prevalent and been around a long time.

 

Assuming Limetech were to come up with a new Software License not tied to a dongle...

 

1. I could easily post mine on the Web and anyone who wanted a "Fully Registered" Version could just use my key.

 

2. Name any software where I can't go download a Key Creator or hack to get around the Software License.

 

3. Even if you require unRAID to check / double check the key by connecting to the internet... People still get around that too.

 

4. Due to 1, 2 and 3... That is why you see plenty of Proprietary Software / Hardware solutions that use Dongles.

 

Lime Technologies doesn't have Microsoft's resources, man power, money, etc. Microsoft tries their very best to make sure you can't hack their software but to date... Every Microsoft product known to man has been hacked / cracked.

 

Image the cost / time associated with trying to come up with some alternative software license that WILL be cracked / hacked. Tom might as well give unRAID away for free because if he goes away from a Dongle... It will be free whether Lime Technologies likes it or not.

 

It's a fools errand, waste of time and will not accomplish anything in the end.

Link to comment

Definitely agree. OEM magic mystery locked to some random hardware is a nonsense.

 

Dont get me wrong the only thing I dont like about the unRAID scheme is that it is tied to hardware that can break. But I would say that is an acceptable small evil.

 

I am prepared to bet a good percentage of failed USBs is because people are using them for stuff as well e.g plugin data

 

Ideally the license key would be mounted RO by default but people would just bypass this.

Sounds great to me.  A flash limited to RO would last a very long time.  Especially if NOTHING but the GUID was read from it even when booting.

 

 

I've have long hoped for a check if present option rather then actually using the flash in rw mode.

I have to say though, use of a card reader does ease my concern a great deal. While I've had sd cards die, I was still able to fix and function.

Link to comment

It's funny this came up, as I had my key replaced today. My old flash drive was ~4 years old and might have been hammered on by a few add-ins that whole time  :P It took a few hours max, great service I'd say. I guess I should have replaced it with a card reader, but life is too short to worry about this kind of stuff. Here's to another 4 years!

Link to comment

I've been here since the very start, have always run either one or two servers (at upgrade times) and am still using one of my original thumbs. One did fail but was replaced within 24 hours. No biggy.

 

For what its worth I love the fact its not tied to a motherboard/hrdware and we can just throw a new one in without issue, I've had far more motherboards than keys over the years as the product has progressed to using sata drives and different controllers, onboard sata ports, faster controllers, extra drives, cache drives etc.

Link to comment

Dont get me wrong the only thing I dont like about the unRAID scheme is that it is tied to hardware that can break.

Do you have any other solution?

For an example I use a non-public software tied to the HDD and the Motherboard and trust me it is much more inconvenient.

 

Essentially I think we all agree that the using the GUID of a SUB flash is not only a good solution but really the only viable one.

 

There was some talk of making unRAID a two USB model with one USB where the licesne sits and is mounted RO and another for the OS. In fact some people have done this already but for it to be useful it should really be the default.

 

I still reckon most USB failures fall into:

 

# Using some poor quality a.k.a "a conference give-away"

# Using the USB like a HDD, predominately addons hammering it

 

This wouldnt solve the problem but it would likely make it far less of one.

 

Update: Obviously the SD card reader is another superb solution. The problem is that its not always so easy to get one. I have purchased 3 different models to experiment with and all three were not unique ids. I believe to date the community have discovered only one that we can be pretty sure works (and even then you need a specific version of it). It would perhaps be a good idea if Limetech went on a buying spree and purchased two of every viable SD reader on the market and then made some recommendations. I cant see this being very expensive and might in the end pay off in terms of saved manpower.

Link to comment

I don't find the usb dongle as a license to be such an issue, it's the limited writes that create the issue.

 

Many commercial software products use the pace ilok anti-piracy method.

https://www.ilok.com/

 

It's the same kind of idea that limetech is using, only there's a third party in the middle.

They have options such as temporary license, etc, etc.

 

In comparison, a license file on a USB key or Card reader is what helps keep third parties and other hidden costs out of the equation.

 

I think the only thing we really need is the ability to login to our customer account and move a license.

 

For now that means a new key tied to a GUID.

 

If we had the ability to retire a GUID, thus giving our account the license back.

Then re-license a new GUID it would alleviate allot of concern.

 

This would require some forethought by limetech.

A customer portal.

A database of licenses and allocations to a customer account.

A function in emhttp that would licences a GUID, update the customer's allocation of licenses or log the GUID, etc, etc.

The ability to un license an allocated license/GUID pair.

 

The pace iLok mechanism certainly works, but that's also a $50 proposal for every key.

Then there is a third party

plus whatever fees limetech has to absorb to use it.

The windows/MAC OS/X software and interface.

 

So FWIW, the way unRAID is licensed now, we get off pretty easy.

Link to comment

For the record a lot of software has their license on usb keys all being more then $1k in price. It's common practice....  Not that I don't disagree its worrisome if the key dies (going on 4years on my current one). But Tom is good about issuing another key and the second time around I got a card reader. Good enough for me..

Link to comment

 

I think the only thing we really need is the ability to login to our customer account and move a license.

 

For now that means a new key tied to a GUID.

 

If we had the ability to retire a GUID, thus giving our account the license back.

Then re-license a new GUID it would alleviate allot of concern.

 

 

 

the problem with that is that the license file has already been granted and as previously mentioned not all unraid servers have internet access so that means there no way to invalid the license file that is in use.....

Link to comment

 

I think the only thing we really need is the ability to login to our customer account and move a license.

 

For now that means a new key tied to a GUID.

 

If we had the ability to retire a GUID, thus giving our account the license back.

Then re-license a new GUID it would alleviate allot of concern.

 

 

 

the problem with that is that the license file has already been granted and as previously mentioned not all unraid servers have internet access so that means there no way to invalid the license file that is in use.....

 

Agree.  Tom is already very trusting in not requiring folks to mail in failed flash drives to get free replacements ... and moving the "replacement" function to individuals would make the potential for abuse of this privilege FAR easier.    This could only work if the system was required to have internet access ... and did a check via internet connection at each boot to confirm the current key wasn't on a "disabled" list on LimeTech's servers -- a hassle for both LimeTech and the UnRAID users.

 

I agree the current system works very well -- if a short downtime when a replacement is needed is a problem, then keep a spare key.    Tom makes that very easy by selling a 2nd key for only $30 more when you buy your keys.

 

A hardware dongle would also work; and these almost never fail ... but they're far more expensive than a flash drive, and if they DID fail could not be replaced via an e-mail (or for free).

 

There are lots of changes it'd be nice to see in UnRAID, but the way it boots isn't one of them.

 

Link to comment

 

I think the only thing we really need is the ability to login to our customer account and move a license.

 

For now that means a new key tied to a GUID.

 

If we had the ability to retire a GUID, thus giving our account the license back.

Then re-license a new GUID it would alleviate allot of concern.

 

 

the problem with that is that the license file has already been granted and as previously mentioned not all unraid servers have internet access so that means there no way to invalid the license file that is in use.....

 

Many music systems do not have internet access either.

 

Pace still requires you to install their client.  It puts the license file on your iLok from any system via the internet and you are done.

The system downloading the license must have internet access.  Or you purchase a pre-licensed key.

protools and larger software packages already come with a licensed key.

 

While you cannot revoke a license by using a drop this key on a usb flash method, you can certainly revoke the license inside emhttp at the next upgrade or stay in basic mode.

This means the next version will not accept the revoked key.

Unfortunately, They key has to be validated online or data is stored in emhttp.

 

There's possibly a way to store the revoked keys in the .key file too, Who knows.

 

The other choice is to require the failed key to be returned.

 

iLok requires the return of the failed key.

They inspect it, when validated with the software companies, they put the licenses back into your account.

You then install the license on another iLok.

They also have an 'insurance'(temporary license) service.

If you claim your ilok is bad, they put a temporary license in your account to keep you working until the failed ilok is returned.

At that point it becomes permanent or it times out.

 

This really isn't much different then other software.

Microsoft windows requires internet access to activate unless you purchase, an installed, pre-activated machine.

If you re-install,  many times it requires internet access to activate.

if it fails, you have to call someone.

 

So maybe limetech puts a limit as to how many revocations and re-license operations can be performed before some form of contact must occur to inspect the situation.

 

In any case, we don't know how many times a guid has to be licensed due to failure. That's limetech's call.

Link to comment

 

I think the only thing we really need is the ability to login to our customer account and move a license.

 

For now that means a new key tied to a GUID.

 

If we had the ability to retire a GUID, thus giving our account the license back.

Then re-license a new GUID it would alleviate allot of concern.

 

the problem with that is that the license file has already been granted and as previously mentioned not all unraid servers have internet access so that means there no way to invalid the license file that is in use.....

 

Agree.  Tom is already very trusting in not requiring folks to mail in failed flash drives to get free replacements ... and moving the "replacement" function to individuals would make the potential for abuse of this privilege FAR easier.    This could only work if the system was required to have internet access ... and did a check via internet connection at each boot to confirm the current key wasn't on a "disabled" list on LimeTech's servers -- a hassle for both LimeTech and the UnRAID users.

 

I agree the current system works very well -- if a short downtime when a replacement is needed is a problem, then keep a spare key.    Tom makes that very easy by selling a 2nd key for only $30 more when you buy your keys.

 

A hardware dongle would also work; and these almost never fail ... but they're far more expensive than a flash drive, and if they DID fail could not be replaced via an e-mail (or for free).

 

There are lots of changes it'd be nice to see in UnRAID, but the way it boots isn't one of them.

 

 

Just issue a temporary key that will timeout with enough time to receive the failed key.

 

Anyway, the only reason we are having this discussion is because the OP.

 

Reality is, the current licensing mechanism is pretty fair and pretty easy to manage.

I think it's more fears of new users and business that have issue with it.

 

So far we're only discussing possible alternative so that Tom could divorce himself from the replacement delay.

Requiring internet access to revoke a license key and drop a new one isn't such a bad requirement in order to resolve the problem yourself.

You'll need internet access anyway to send out the email and get a new key.

Link to comment

Requiring internet access to revoke a license key and drop a new one isn't such a bad requirement in order to resolve the problem yourself.

You'll need internet access anyway to send out the email and get a new key.

As long as the server itself doesn't need access, I'm cool with that. As it is right now, you can do the whole license thing with a smart phone, as long as you can write a binary file from the phone to external media of some sort.
Link to comment

 

I think the only thing we really need is the ability to login to our customer account and move a license.

 

For now that means a new key tied to a GUID.

 

If we had the ability to retire a GUID, thus giving our account the license back.

Then re-license a new GUID it would alleviate allot of concern.

 

 

 

the problem with that is that the license file has already been granted and as previously mentioned not all unraid servers have internet access so that means there no way to invalid the license file that is in use.....

 

Agree.  Tom is already very trusting in not requiring folks to mail in failed flash drives to get free replacements ... and moving the "replacement" function to individuals would make the potential for abuse of this privilege FAR easier.    This could only work if the system was required to have internet access ... and did a check via internet connection at each boot to confirm the current key wasn't on a "disabled" list on LimeTech's servers -- a hassle for both LimeTech and the UnRAID users.

 

I agree the current system works very well -- if a short downtime when a replacement is needed is a problem, then keep a spare key.    Tom makes that very easy by selling a 2nd key for only $30 more when you buy your keys.

 

A hardware dongle would also work; and these almost never fail ... but they're far more expensive than a flash drive, and if they DID fail could not be replaced via an e-mail (or for free).

 

There are lots of changes it'd be nice to see in UnRAID, but the way it boots isn't one of them.

I think Tom not require to send faild flash back is because not every one buy flash from him.

You do know that you can use your own flash as long as it has a unique id. Meaning it is a reputable mfg. That uses unique ids.

 

Sent from my SGH-T889 using Tapatalk

 

 

Link to comment

No way in hell I'm sending a device with my personal data on it to any company. Even if it no longer works, there are ways to get at some of that data that was on the flash drive. Absolutely horrible idea and not customer friendly.

 

and if you were using really really expensive software that uses an iLok.. you would be up a creek without a paddle.

 

I think in defense of the personal data argument with unRAID, you would have allot of weight considering passwords are saved on the flash.

 

In the case of iLok, the personal data is on the website. The license files are on the iLok flash.

Only the license file is on the iLok flash.

 

This is why I've advocated 'just the presence' of a flash's guid to license the product rather then requiring it to be mounted on /boot, read/writeable and written to with configs/super.dat.

 

I would prefer a two flash method. One for the license file, the other for /boot, or have /boot be anywhere, partition on cache or anywhere else.

 

With an iLok, the only time it's written is in license management, after that it's read only.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.