Yep that trick totally evaded me... I don't doubt that would work fine though.
Now.. what about if it had to be connected to the internet to validate the installation at startup >:W
And the server had to give its response in a reasonable amount of time, i.e. 100ms, and you couldn't fake it on the PC due to encryption. Now I don't doubt that could be broken but it would be a tad harder at least perhaps ... maybe :D
Until you have someone that has a slow internet connection, e.g. sat-com, where latencies are typically around 500ms or worse. A poor network, or bad mix of equipment, can make latencies really bad even on an otherwise good network.
For example, my Dell D600 from 2003 had a Broadcom networking chipset in it. The 1GBit interface had a problem with some Cisco routers. The previous routers it was on were 10/100 and it had no issue; but when they upgraded the router to 10/100/1000 the new router had an issue with the auto-negotiation. Until I figured that out, the network speed went from 100 megabits to 17 kilobits. Outlook generally worked okay (no choice at that company) but anything that made more use of the network had big issues. (Outlook worked to view what was in my inbox, because of the small messages; but even then it was slow).
So even doing something like that would be risky - of course, you could also just capture the network traffic and hack that too; since you can control the network in Bochs, if you were really going that far it wouldn't be an issue to capture and adjust it as required to make it think it was talking to the real thing. This is actually relatively easy:
- Set up a transparent MITM proxy so SSL connections can be handled and neither side necessarily knows about it; though they would have to allow you to specify a client proxy because some places require you to do so to get to the Internet anyhow, so you could just use a client proxy too.
- Capture the network traffic using tools like Wireshark for several different runs of the program
- Compare the deltas to figure out what is changing
Now you just set up a server to either play back the captured data, making the emulated system think it is running at that point when the older software did, or, if you figured out enough of the traffic, set up something to fake the other side in a way you control.
FYI - this is how Samba got started (at least for Windows compatibility) - network analysis of CIFS/SMB traffic with Windows. They found some interesting things doing so - read their docs for things like single-bit flip reboots the Windows computer kind of stuff.
There's very little that cannot be cracked in this regard.