Richard Hartman wrote:
>
> At the end of almost all protection schemes will
> be a test -- did (whatever algorithm I chose) pass
> or fail. You don't have to attack, or even understand,
> the protection algorithm used if you can just change
> the sense of that test by patching one opcode.
I'm surprised no one has yet mentioned an obvious alternative: just have
two separately compiled versions of the app. The "demo" version is
available for download, and the "registered" version gets sent to (or
downloaded by) registered users. There's no point in trying to crack
the demo version, because it just plain doesn't contain the code. Of
course, it just takes one cracker to buy a registered version and put it
up on a warez site. If you were REALLY concerned about that, you could
put a different serial number into each registered copy to identify the
culprit after that happens. The only downside to this scheme that I can
see is the fact that registered users generally have to download two
copies, the demo version to try it out, and the registered version when
they've bought it.
--Mark
