[worewood]

I think the most important, and this article left it out, is why exactly this makes the API uncloneable - why couldn't MSN just emulate the buffer overflow behavior like it was doing with everything so far?

As the article says, the client also responded with some code. What I think was happening: the client was responding with portions of its own executable memory, which could be checked by AOL servers.

That way for MSN to emulate that behavior, it would need to have the AIM client's executable code inside itself, which would be an easy win in a copyright lawsuit.

[lliamander]

Why not just send copy written code as part of the payload?

[ATsch]

Especially trademark violations are very effective for this. For example the original GameBoy used it as DRM. The cartridge had to contain a Nintendo(R) logo which was displayed on boot to work, a legal deterrent for publishing unlicensed games that still works to this day.

[sanqui]

Except that the use of copyrighted and trademarked data for means of enabling interoperability has been ruled fair use in the Sega v. Accolade[1] case. So I believe Nintendo's use of the logo in this way is not much more than snake oil.

[1] https://en.wikipedia.org/wiki/Sega_v._Accolade

[timClicks]

Gentle reminder that the USA isn't the only jurisdiction. In countries without fair use, for example, this wouldn't even be able to be applied.

[telotortium]

That case was decided after the initial release of the Game Boy, so it wasn't an unreasonable thing to try at the time.

[taneq]

The TrackIR API does something similar to lock out unauthorised third party client applications.