
On Jan 20, 2009, at 11:17 PM, Vitaliy wrote:

> I read a whitepaper[1]  recently on AES encoding, and it had a table  
> in it,
> listing the resources available to hackers of various sizes:
>
>    "Hacker"< $400
>    Small organization $10K
>    Medium organization $300K
>    Large organization $10M

For legitimate companies of a certain size, there is also a  
significant risk in terms of legal and "prestige" issues.  If a  
product is worth a million dollars a year, and will cost $100k to  
develop vs $10k to steal, you have to be pretty desperate to actually  
steal it, since the difference in cost of $90k over a $5million  
product lifetime is pretty insignificant, and not worth "getting  
caught."

> If you don't think that's true, walk into any company that does  
> development for a consumer product and count how many of their  
> competitors designs they have laying around for reference.

Competitive analysis is not at all the same thing as theft.  We have a  
pretty strict policy that any proprietary data from our competitors  
(say, future product info given to loyal customers) is to be discarded  
immediately, but that doesn't stop parts of the company from chortling  
over the cost analysis (or legitimately purchased product) that puts  
their COGs ahead of ours, even though their MSRP is lower.  Nor does  
it stop sales teams from slogging through every bit of legitimately  
public data looking for things to jump on, even in error...

I've seen people take the most ridiculous "protection" steps over the  
most trivial bits of hardware (the particular example I'm thinking was  
a temperature sensor/logger that had the part numbers sanded off the  
chips.  I mean; it's a temperature logger.  I would hope most BSEEs  
could write one in a month or less, from scratch, picking a random CPU  
they hadn't used before...)

A lot of stuff out there that looks cloned these days probably isn't  
really; there's an awful lot of stuff that is essentially minor  
variations of chip manufacturer reference designs (or app notes)  
running standard operating systems and firmware that has been given  
only a cursory effort to make it "unique."

BillW

-- 
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist