>>It's >>fairly strong though. If you used a reasonably strong crypto algorithm >>then it'd be extremely difficult to crack without at least one sample >>host/key pair to find the decryption key.
No, it is not. Someone can use winice to debug to the point where you call checking logic and just simply patch the executable with a jmp assembler code to disable the logic. So strong crpyto will not work, no matter how strong it is. That is just the basic lesson for training a skilled hacker. [Claim] I am not a hacker. 8-) Regards Leigh -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Corey Murtagh Sent: Wednesday, November 12, 2003 11:11 AM To: Multiple recipients of list delphi Subject: Re: [DUG]: Copy protection/program registration vss wrote: > I have come across one program called "PicBasic" which uses some PC > Specific information that you send back to them and they send you a key. > What ever the software they use for the protection, its pretty good. I > actually own the app. but was interested to see how strong it was, and > beleive me, after about 2hrs of constantly hacking and playing, i could > not crack it....so whatever it is, its great. I wanted to use the > software for a project I have just finished, but the problem is that I > cant make it PC specific. PC-specific isn't terribly difficult, but is a pain in the butt when you want to upgrade your machine and end up with a whole bunch of things that don't work anymore. That said... you can get various information about the PC... motherboard ID, BIOS checksum, hard drive serials, NIC addresses, etc. and munge them to generate a host string, then generate a complementary key which you can use to manipulate that string back to a decryption key to decode sections of your exe. Every time the program runs it then checks the hardware, generates the host string, uses the key to create a decryption key and decodes the locked code blocks. It's an idea anyway. Problem with it is that any slight change in your configuration renders the program useless, or at least crippled. It's fairly strong though. If you used a reasonably strong crypto algorithm then it'd be extremely difficult to crack without at least one sample host/key pair to find the decryption key. Just a theory. Feel free to run with it :> Oh, and if you /are/ going to go with machine-specific copy protection, be nice and provide a way for people who register to easily update keys when they change hardware. -- Corey Murtagh The Electric Monk "Quidquid latine dictum sit, altum viditur!" --------------------------------------------------------------------------- New Zealand Delphi Users group - Delphi List - [EMAIL PROTECTED] Website: http://www.delphi.org.nz To UnSub, send email to: [EMAIL PROTECTED] with body of "unsubscribe delphi" Web Archive at: http://www.mail-archive.com/delphi%40delphi.org.nz/ --------------------------------------------------------------------------- New Zealand Delphi Users group - Delphi List - [EMAIL PROTECTED] Website: http://www.delphi.org.nz To UnSub, send email to: [EMAIL PROTECTED] with body of "unsubscribe delphi" Web Archive at: http://www.mail-archive.com/delphi%40delphi.org.nz/
