This intrigued me so I checked and found the answers here:Mace404 wrote:USB (storage) device serial numbers can be changed with the right software (and not only talking about the volume id).
The USB protection Waves (and Plugin Alliance) is using is clonable.
http://digfor.blogspot.se/2012/04/usb-f ... nique.html
Volume ID: Stored on the hard disk itself and is changeable.
Device Serial Number: Stored in the hardware and is NOT changeable. But there are a couple of problems: 1) Cheap china-manufactured devices will not have purchased a range of proper serial numbers from the USB consortium, and often use random/all-same serial numbers. 2) According to the article, there are rootkit tools that hook the Windows kernel calls for checking the serial number, and can report a fake one. Programs using the standard APIs for reading the serial will see the fake ID. There are ways around it (doing your own low-level interaction with the USB device, without involving the kernel at all), but implementing that in a plugin sounds difficult and like more trouble than it's worth.
I guess someone as big as Waves doesn't care about the chinese USB keys and the potential spoofers, so they probably use standard Windows APIs, but I think Cytomic would care. Especially now that the hacking information has been made even more public.
Time is better spent on other development and not on copy protection.