What is a dongle?

Answer 1

A dongle is a piece of hardware that attaches to a computer in order to make a piece of secured software run. A dongle in this sense is used as a high-end form of security to prevent the unauthorized copying of software, since making a copy of the hardware itself is much more difficult than simply copying the software. The fairly absurd word seems to have been chosen more or less at random as a placeholder to describe the device when it was first used, and over time it was adopted as the actual name.

The primary use of a dongle today is in very expensive software, usually aimed at a small core market. Very expensive rendering and audio mixing software, for example, often makes use of a dongle to ensure that people don’t pirate the programs – which may cost many thousands of dollars for a single license. Computer Assisted Design (CAD) software is another area in which the use of a dongle is not uncommon.

Although a few software companies have attempted to introduce dongle security with their consumer-oriented software, in every case it has been resisted very strongly by the customers. While specialists such as video editors, audio engineers, and architects are relatively willing to put up with the inconvenience of having an extra piece of hardware to keep track of in order to use their software, the average computer user is simply unwilling to put up with a dongle. As a result, consumer software that has incorporated a dongle has tended to have extremely reduced sales and ultimately to fail, or at least to flounder until the software manufacturer releases a new version without a dongle.

The earliest type of dongle was usually attached via a computer’s serial port. When the software being protected was loaded, it checked for the presence of this hardware device. If it found the hardware device, it loaded; if it didn’t find the dongle, it wouldn’t load. This simple system was fairly open to cracking, since a programmer could fairly easily find the value in the software that indicated whether the hardware was present and simply set it to exist.

Modern dongle technology usually makes use of a computer’s Universal Serial Bus (USB) port, plugging in just like a portable flash drive or other small USB device. Rather than simply checking for the presence of a piece of hardware, the software may send an encrypted request to the dongle for a validation key, which is also encrypted. This means that in order to crack the dongle, one must first crack the encryption. An even more secure form stores encrypted bits of the software on the dongle itself, which the program then calls for when it needs them. This means that even if one were to fool the software into thinking the dongle were present, the software would literally be unable to run, since it would be missing key parts of its code.

Answer 2

A dongle is a small hardware device that connects to a computer to authenticate some piece of software. This was its primary meaning in the computer industry in the 1980s and 1990s. When the dongle is not present, the software runs in a restricted mode or refuses to run. Dongles are used by some proprietary vendors as a form of copy prevention or digital rights management because it is much harder to copy the dongle than to copy the software it authenticates.

Software protection dongles are typically used with very expensive packages (starting with about USD 500 and up) and vertical market software, such as CAD/CAM software, Digital Audio Workstation applications and some translation memory packages. Efforts to introduce dongle copy prevention in the mainstream software market were generally met with stiff resistance from users. Despite being hardware, dongles are not a complete solution to the trusted client problem.

Vendors of software protection dongles (and dongle-controlled software) often use terms such as hardware key, hardware token, or security device in their written literature. In day-to-day use however, the jargon word "dongle" is much more commonly used.

Well-known software protection dongle manufacturers include SafeNet,[1] Aladdin[2] and WIBU-SYSTEMS.