Micromat President Offers Rebuttal to Serial Number Controversy

Posted by:
Date: Thursday, December 14th, 2006, 09:37
Category: News

Micromat president Jeff Baudin has offered the following rebuttal to a story contributed by Christopher Price to PowerPage as of December 13th citing that Micromat had included network code that broadcasts critical information about your Macintosh as well as the TechTool 4 product’s serial number across network subnets via a Bonjour session.

Thank you for your article on Dec 12th about our product TechTool Pro. I’m compelled to respond because your story has created some concern among many of our customers. The article also contains a few inaccuracies.
Your story states that, “Micromat slipped some broad and sweeping anti-piracy measures into a TechTool Pro update a while back.” Quite a while back, actually. Like when William Clinton was still in his first term in office. We implemented our first network serial number checks in the early 1990s. Just like Photoshop, Microsoft Office and many other programs, we broadcast our product serial number over the local network and each copy of the program looks for a duplicate copy of that serial number at launch. If the program finds a duplicate serial number already running on the network, it alerts the user and then refuses to run. Micromat, as well as many other software manufacturers feel this is a fair method of insuring that our license agreements are not abused. And certainly a far better alternative to hardware dongles or key-disk methods.
The author of your story takes great exception to the fact that we broadcast the Macintosh hardware serial number as well. His article implies that this is something new, but the fact is that we actually added this information to the broadcast when we first released version 4 in 2003. First, let me explain why we did this…

Read the rest of Micromat response after the jump…


Micromat president Jeff Baudin has offered the following rebuttal to a story contributed by Christopher Price to PowerPage as of December 13th citing that Micromat had included network code that broadcasts critical information about your Macintosh as well as the TechTool 4 product’s serial number across network subnets via a Bonjour session.

Thank you for your article on Dec 12th about our product TechTool Pro. I’m compelled to respond because your story has created some concern among many of our customers. The article also contains a few inaccuracies.
Your story states that, “Micromat slipped some broad and sweeping anti-piracy measures into a TechTool Pro update a while back.” Quite a while back, actually. Like when William Clinton was still in his first term in office. We implemented our first network serial number checks in the early 1990s. Just like Photoshop, Microsoft Office and many other programs, we broadcast our product serial number over the local network and each copy of the program looks for a duplicate copy of that serial number at launch. If the program finds a duplicate serial number already running on the network, it alerts the user and then refuses to run. Micromat, as well as many other software manufacturers feel this is a fair method of insuring that our license agreements are not abused. And certainly a far better alternative to hardware dongles or key-disk methods.
The author of your story takes great exception to the fact that we broadcast the Macintosh hardware serial number as well. His article implies that this is something new, but the fact is that we actually added this information to the broadcast when we first released version 4 in 2003. First, let me explain why we did this:
When users in a large facility encounter a TechTool Pro serial number conflict, it is often difficult to ascertain which other machine is running the identical TTP serial number. Our tech support staff have spent hours trying to help users distinguish which other user in their facility has duplicated their TTP serial number. With the release of version 4, we added the network user name and Mac hardware serial number to the message alert that appears when a TTP serial conflict occurs. This way the user could easily find the offending computer within his local network. This addition was purely meant to help users who encounter this problem. It in no way strengthens our serial number protection system. Our only intent by adding that data was to help the user.
Your writer states in a rather unusual sentence, “There are known knows, and there are known unknowns about TTP’s anti-piracy measures. We don’t know what else is being broadcast…” I’m more than happy to tell you exactly what is being broadcast: The TTP serial number, the user’s network name and the machine serial number. Nothing else. And while it is not completely clear in the article, it should be noted that this information is only published in the LOCAL area network. It is not sent over the internet and it is not sent back to Micromat. Also I can’t stress enough the fact that simply obtaining someone’s computer hardware serial number does NOT give someone access to that computer. The user’s personal data and files located on the given computer are NOT compromised simply because someone has their hardware serial number. Your article has led many of our customers to believe that their credit card information and other personal data are not safe with TechTool Protection installed. This, of course, is not true.
The author of the story posted questions in our forums asking why we would include the machine serial number when we provide the network user name. We started doing this because in many cases the network user name was not sufficient to help the user identify the conflicting machine. Many networks have computers that were assigned ambiguous names like “Powerbook” and “Server.” By adding the machine serial number, we gave the user an additional piece of information to locate the offending computer. Is the computer serial number private information? Perhaps, but until recently, all Macs had conspicuous bar code labels that plainly displayed the computer serial number. And since we only broadcast that number locally, we felt it was not a security risk. With the exception of the latest Mac models, most anyone in your local network can walk up to your machine and obtain this information by simply looking at the bar code label in plain sight on the back of the computer. That said, while we believe that there is little, if any use to “someone nefarious” obtaining a given computer’s serial number and putting it to foul use, we will agree with the writer that it is not impossible.
In light of this, we’ve altered the code in our products so that the network user name and the computer hardware serial number are no longer broadcast with the TTP serial number. We will soon be posting a new version of TechTool Protection (the extension primarily mentioned in the article) followed shortly by a new version of TechTool Pro with a similar modification. Users will be able to find these updates at our website at http://www.micromat.com.
I hope this clarifies things a bit as far as your article is concerned. I’d also like to apologize to all of our customers who might have been confused by this situation. Our goal at Micromat is, and has always been, to help Macintosh users protect their data.
Thank you.
Jeff Baudin
President
Micromat Inc.

The squeaky wheel gets the oil and the new version should pin this down according to customer feedback. Micromat has yet to announce a release date for the new version of its TechTool 4 program, but we’ll keep you informed of it as soon as it arises.
Please let us know if you have any ideas, suggestions or comments to share.

Recent Posts