Thanks for the feedback, I hadn't considered that. I just want a simple approach that doesn't make it TOO easy to crack. If someone does crack it, fine, they've earned it, I just prefer they work for their copy. :)
Would you have any simpler recommendations? On Jan 14, 1:54 pm, "Wojciech S. Czarnecki" <[email protected]> wrote: > Dnia Thu, Jan 14, 2010 at 02:08:40PM -0800, wesker napisa (a): > > > Although the key hard-coded in the client app could allow someone to > > decrypt that file, if they were clever enought to obtain it, the human- > > readable text would be useless to them as they'd have no way to change > > it for use on another machine, and re-encrypt it. > > Bad assumption. If someone is clever enough to get a hard coded key > and decrypt a file, then its no brainer to patch executable with > his own key and his other machine id. > Its long convulted way to achieve same result as simple id check > with ids obscured by xor deadbeef operation. > > You also can not rely on authenticode signing your executable, > because someone who would steal just will turn off OS protections. > > If your software is so valuable to deserve real protection, > you may think of issuing to your client HW protectors. > If its not worthy additional $50 for such, you'll better IMO > don't worrying about tchiefs but more what real incentives/advantages > for registered users you may provide. Just my two cents. > > Kind regards, Ohir. > > -- > > Wojciech S. Czarnecki > << ^oo^ >> OHIR-RIPE
-- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
