[124818] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: Juniper's artificial feature blocking (was legacy /8)

daemon@ATHENA.MIT.EDU (Owen DeLong)
Mon Apr 5 13:09:51 2010

From: Owen DeLong <owen@delong.com>
In-Reply-To: <s2k6eb799ab1004041407ydf8b5a04w7700860159879f54@mail.gmail.com>
Date: Sun, 4 Apr 2010 18:55:58 -0700
To: James Hess <mysidia@gmail.com>
Cc: Michael Sokolov <msokolov@ivan.Harhan.ORG>, nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Apr 4, 2010, at 2:07 PM, James Hess wrote:

> On Sun, Apr 4, 2010 at 2:33 PM, Michael Sokolov
> <msokolov@ivan.harhan.org> wrote:
>> feature blocking seems to negate that.  I mean, how could their
>> disabled-until-you-pay blocking of "premium features" be effective if a
>> user can get to the underlying Unix OS, shell, file system, processes,
> 
> Probably signed binaries, veriexec with a signature list of allowed
> executables,  proprietary system daemons, hardware drivers, and
> read-only filesystems.  Protections may be in hardware, and you do not
> have source code.   You can in  JunOS  "start shell user root"  as
> much as you like and get a root shell on various platforms,  but some
> functions are limited.
> 
Most of their license keys are implemented as nag-ware.  If you don't
mind logs full of "Use of this feature requires a license..." messages,
then, it's between you and your lawyers as long as you don't get
caught.

Owen



home help back first fref pref prev next nref lref last post