Proving once again that encryption/hashing by itself will not make your system secure.
How NOT to do your license key checking
Originally written: September 01, 2006
About the author
Older · View Archive (571)
First, a disclaimer: Due to my own lax recordkeeping, the issues with running a business with the International Date Line between me and most of my customers/suppliers, currency exchange issues, and other reasons, these numbers may be off by a little bit. I’m sorry to give you analog accuracy in a digital world, but its the best I can do without spending too much time playing accountant. And, after all, I have a release to finalize :)
I spotted this on Seth Godin’s blog. Starbucks had an incredibly ill-conceived promotion where they mailed some fraction of their employees with an email coupon for a free iced drink, then told them to mail friends and family members. Oh boy, a chain letter, no possible way that could get out of hand, right? Well, it did, and as a result Starbucks canceled the promotion.