suspiciousperson
Patron with Honors
IF the validation is done sensibly then the approach you should take is to hack the device's firmware, not the application software. All you would have to do is hardcode into the firmware the public key of some certificate scientology holds, and the ability to once a year generate a random number and insist it is signed with thirty days. With a bit of sense you would not make it an entirely random number either, you would tie it to the individual e-meter in some manner. Then have the computer software's job to upload the random number scientology and forward the response to the e-meter. Again, IF DONE CORRECTLY, there is no practical attack for this at the level of the desktop software. However, changing the e-meter firmware to disable the validation process entirely would probably be quite easy. One quick and easy way to check how easy it will be is make it completely run out of power so that it forgets the date and see if it runs...
Incidentally aren't these more than ten years old or something? Would be interesting if it's a 56 bit key or similar... (assuming that there is any such system at all).
Incidentally aren't these more than ten years old or something? Would be interesting if it's a 56 bit key or similar... (assuming that there is any such system at all).