>
> We still use the MAC address (mostly because it's the only numbered
> component we *know* will be present), but it's definitely forgeable. It's
> just that our usual customer wouldn't know how to do it. (Plus, I'm not
> sure they'd even want to, in significant numbers. They might want more
> client licenses, but that would need breaking MD5, or else tracing our
> server through a pretty long code path, and I think we can safely assume
> that the number of customers willing to go that far is very small - the
> product doesn't cost enough to warrant this.)
>
Yes, you'll find that most corporate customers won't be willing to
break *anything* except in case of emergency (server died and we need
the new one up *NOW*) because doing so would be _prima_facia_ evidence
of piracy.
-hpa
