Finally, SafeCast Works

By Brett Glass  |  Posted 2003-02-10 Print this article Print

When we installed TurboTax from the disc we received from Intuit, equivalent to what you could purchase in a store or through the Internet, we were -- at last -- able to see the DRM at work. We first tried the new CD on a Windows 98 laptop -- an older system which had been previously upgraded from Windows 95. Unfortunately, the installation did not succeed; in fact, it froze up the machine so completely that we had to cycle the power to resuscitate it. This is consistent with behavior that some of our readers have reported when installing this years TurboTax on older systems.
We then tried installing on another machine with a relatively fresh install of Windows 98SE. On this machine, too, the installation went wrong: We were never given a chance to enter the product key; instead, we were taken directly to a dialog box that insisted that we pay for the product.
Missing DLL Deep-Sixes Installation: We never found out what went wrong on the laptop; however, Intuit determined that the second Windows 98 machine malfunctioned because the programmers had expected to find a particular Windows dynamic link library (DLL) which was missing. This DLL normally appears on the system when the user updates Microsoft Internet Explorer to a recent version. However, the primary user of the machine, concerned about security flaws in MSIE, had never updated; instead, he commanded ZoneAlarm to block MSIE from reaching the Internet and used Opera. Thus, the DLL had never been added. To get the installation to work, we copied that DLL onto the system by hand, and were finally able to install TurboTax and print a return. As mentioned earlier, we noted that on Windows 98, SafeCast/C-Dilla did not install as a resident "service" but rather as a VXD (virtual device driver) and several associated DLLs. In all other respects, however, its behavior was similar to what we saw on XP. Windows XP Installation: We then took the disc to an XP machine -- one that had never seen TurboTax before -- and attempted to install. This time, the DRM worked. Intuits computers realized wed already registered that copy, and we were given the option of paying for another "full" copy, or running the software in "trial" mode. We selected the trial mode to see what restrictions it applied to our work. Refusing (at first) any updates to the software, we launched it and began to prepare a return. Sure enough, whenever we attempted to print, the program insisted that we pay Intuit first. We did not try to e-file, since filing a return for a Ms. Anne Nonymous without her permission would have been fraudulent. However, we assumed that wed get the same result. We were pleased to see that, even in trial mode and without the update, we could view, edit, and save the forms that TurboTax was preparing. The forms could be made to appear in a window at the bottom of the screen as TurboTax filled them out, and we could manipulate and enter data directly onto any form. After we upgraded the software through the Internet, however, viewing and working with the forms became even easier. Forms could be enlarged to fill the screen; they were no longer confined to a small space at the bottom of a window. This is a plus, because even if youre viewing data on a second machine, or on a trial basis, you can easily see whether TurboTax got the forms right. Perhaps Intuit feared that non-licensed users would attempt capturing images of forms from the screen and printing them, but later reconsidered. Another thing well probably never know.  Finally, before we put a wrap on our review, we decided to investigate readers allegations that SafeCast was performing risky, low-level operations on users hard disks. (Such operations wouldnt have been picked up by InCtrl5s before-and-after inventories of the drive.) While most of the reports we received turned out to be bogus, we were able to verify that SafeCast manipulates at least one area of the disk thats "outside" the file system.To understand what we found, you need to know a little bit about how data is laid out on the hard disks of IBM-compatible systems. By convention, the first "track" of the hard disk -- that is, the outermost ring of data on the first side -- is reserved for a data structure called the partition table. The partition table allows the disk to be divided into as many as four parts, each of which might hold a separate operating system or a separate storage area for data. The partition table only takes up the first 512-byte sector of the track, so -- depending upon the number of sectors per track -- there may be quite a few sectors left over. Nowadays, the vast majority of large hard drives use a technique called sector translation that makes them look to the computer as if they have 64 sectors per track regardless of the actual number. So, most drives have 63 unused sectors in this space.These leftover sectors are often untouched by utilities that manipulate the drive, so data thats hidden there may survive reformatting and repartitioning. Mysterious Sector 33 Manipulation: We used the "DiskEdit" program from The Norton Utilities to watch that space. What we discovered on our Windows 98SE testbed was that each time TurboTax ran, sector number 33 of the hard drive -- which lies right smack in the middle of that area -- was being changed. It never changed when we ran any other program on the system. So to verify what was going on, we made a copy of that sector, scribbled it with random ones and zeroes, and restarted the system. It booted just fine. But when we attempted to invoke TurboTax, SafeCast decided that things were definitely not kosher.  TurboTax decided that we had an unauthorized installation of the product, and demanded that we either present a credit card for payment or run the program only in "trial" mode. We then copied the old data back to the "magic sector" and re-invoked TurboTax. Lo and behold, the program consulted its server again, determined that our copy was legitimate, and allowed us full access once more. Clearly, the data in Sector 33 is a special "signature" that SafeCast uses to decide whether a program installation is legitimate. If you copy TurboTax to another hard drive , or restore to a new drive from a backup, this signature will not be included.  And without that signature, SafeCast may deny you access to the software even if youve legally purchased and registered it. Reserved Sectors Can Be Unsafe: Unfortunately, these "reserved" sectors of the hard drive arent necessarily a safe place for data. And theyre an especially dicey place to keep licensing information. According to Frank Van Gilluwe -- whose company, V Communications, publishes System Commander and Partition Commander -- viruses have been known to hide in this portion of the disk.  Data compression utilities, "multiboot" utilities, password protection and encryption software, and sector translation software (which allows older computer systems to accept todays huge hard drives) may also reside in this area. Sometimes these applications can interfere with each other, in effect fighting for use of the space. One of our readers reported that his license management software -- not C-Dilla, but another product -- ceased to work after he installed TurboTax and SafeCast wrote to this area. We wouldnt be surprised if other problems cropped up as well. In short, we found that -- in its attempts to prevent illicit copying -- SafeCast pulls some tricks that may cause trouble. Will it interfere with the normal operation of your system? We dont have statistics to tell us how likely this is, but were concerned that SafeCast adjusts hidden parts of your hard drive without warning you.

Brett Glass has more than 20 years of experience designing, building,writing about, and crash-testing computer hardware and software. (A born'power user,' he often stresses products beyond their limits simply bytrying to use them.) A consultant, author, and programmer based inLaramie, Wyoming, Brett obtained his Bachelor of Science degree inElectrical Engineering from the Case Institute of Technology and his MSEEfrom Stanford. He plans networks, builds and configures servers, outlinestechnical strategies, designs embedded systems, hacks UNIX, and writeshighly optimized assembly language.

During his rather eclectic career, Brett has written portions of the codeand/or documentation for such widely varied products as Borland's Pascal'toolboxes' and compilers, Living Videotext's ThinkTank, Cisco Systemsrouters and terminal servers, Earthstation diskless workstations, andTexas Instruments' TMS380 Token Ring networking chipset. His articleshave appeared in nearly every major computer industry publication.

When he's not writing, consulting, speaking, or cruising the Web insearch of adventure, he may be playing the Ashbory bass, teachingInternet courses for LARIAT (Laramie's community network and Internetusers' group), cooking up a storm, or enjoying 'extreme'-ly spicy ethnicfood.

To mail Brett, visit his Web form.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel