Comment by overgard

6 years ago

> Server-side blacklisting (unlike whitelisting) doesn't stop someone from simply changing whatever unique ID they have to a different one.

Dunno, if the ID works like an activation key it might not recognize ids that don’t pass some sort of cryptographic signature check. Then you would need the private key to generate new valid ids.

2 comments

overgard

Reply
aryamaan  6 years ago

How about copying them from valid machines then?

May be they generate new tokens for every request and one set of the key is in hardware itself protected.

Such a waste of tech and resources to not let use the very things which they purchased.

  • overgard  6 years ago

    I agree it's a terrible waste, my suspicion is just that if they want to keep unauthorized devices off their network, it wouldn't be hard to implement.