At the end of almost all protection schemes will
be a test -- did (whatever algorithm I chose) pass
or fail. You don't have to attack, or even understand,
the protection algorithm used if you can just change
the sense of that test by patching one opcode.
Of course, the protection mechanism could work
by actually encrypting the code and get around
that hole -- but then it would not be flashable.
The real thing to remember here is that no matter
how much effort you put into a protection scheme,
somebody out there can break it. There is nothing
that will prevent the serious cracker. All you
really need is something to nudge the average Joe,
who always means to register his shareware but keeps
putting it off and wouldn't even think of trying to
crack it.
--
-Richard M. Hartman
[EMAIL PROTECTED]
186,000 mi./sec ... not just a good idea, it's the LAW!
> -----Original Message-----
> From: Aaron Ardiri [mailto:[EMAIL PROTECTED]]
>
>
> > As Ben Rampling pointed out, in most cases you could shut
> them down by
> > contacting the web service that hosts their site because
> they probably
> > violate their hosts' policies. But judging by the hit
> counters on those
> > sites, I would guess that you would only succeed in driving
> them underground
> > more. The best case scenario would be to discourage the
> people who update
> > those sites enough that they are forced to host the sites
> on their home
> > computer and communicate through IRC and word of mouth
> instead of publishing
> > a website on someone else's server.
> >
> > Although I doubt that it's possible to make a crack-proof
> app for the
> > PalmPilot, I'm interested in discussing techniques that
> developers could use
> > to make apps more difficult to crack.
> >
> > Our app asks for a simple 5-digit unlock key based on the
> user's RegCode (or
> > Pilot User Name). What kinds of things could we do to
> discourage most
> > (PalmPilot) hackers? The only thing I could think of so
> far is to somehow
> > use some modulo of the prc's checksum in a jump statement
> in your code, but
> > that would be hard to do and inconvenient when you release
> an upgrade.
>
> the palmIII also has a unique hardware key..
>
> at the moment my application does the same with the Pilot
> HotSync user
> name.. however i perform a simple manipulation to the
> string to obtain
> a registration code.
>
> as for making it harder to people to hack? thats a tricky
> one. you could
> use self-modifying code to perform the detection? and
> possibly CRC check
> your checking code?
>
> cheers.
>
> az.
> --
> Aaron Ardiri
> Lecturer http://www.hig.se/~ardiri/
> University-College i G�vle mailto:[EMAIL PROTECTED]
> SE 801 76 G�vle SWEDEN
> Tel: +46 26 64 87 38 Fax: +46 26 64 87 88
> Mob: +46 70 352 8192 A/H: +46 26 10 16 11
>
>
