You have gone to a lot of trouble. A hacker will go to much greater lengths.
They are interested in the challenge. I see their main goal as overcoming
the challenge.
They often (usually) don't care about making money from your software.
When I was in college, I used to hack computer games on the C64 (Yes, the
statue of limitations is long gone on this one). I would usually modify them
so that I could play them as long as I wanted - made my player invincible,
etc.
Then they started copy protecting the games. This made the problem a little
more challenging. They had rather elaborate protection schemes, such as self
modifying code. Since the 1541 floppy disk drive had processor and RAM/ROM
on board, they even had protection code that ran internal to the floppy
drive. It was actually pretty cool. But, alas, we figured out how all of
this worked, too.
I tell you this to show that if a person made it, a person can figure out
how it was made. This is similar to the skills used in lock-smithing.
It all boils down to the same story - eventually, your software will get
broken. Is slowing them down really that important? As a legitimate user, I
would prefer that you spend your time adding a couple of new features to
your software, rather than fooling around with hacker games (it truly is a
game, at least for them). I would pay a little more to help defray your
losses if the software was made better instead of protected.
The only scheme I have seen mentioned that is time efficient, practical, and
generally effective is to have two versions of the software - a demo and a
purchased version. As a consumer, I don't really like this, but am willing
to do it.
Yeah, I know - the hacker buys a copy and gives it away after he breaks it.
But is this really the biggest revenue leak?
I think someone mentioned earlier about corporations distributing software
internally. That may be true for a desktop software, but not that many
people where I work have Pilots. Maybe 30. $5 or $10 a pop doesn't really
add up to that much.
I don't think the crackers are really draining your revenues. Do you really
think they would buy the software? Heck, I'm surprised that they even have a
Pilot. (Actually, they may not...the emulator is pretty darn good).
-----Original Message-----
From: Aaron Ardiri [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 09, 1999 12:58 PM
To: [EMAIL PROTECTED]
Subject: Re: No code is crack proof!
hi!
i agree here.. after looking at the crackers website..
this
is what i suggest you do (i just patched LodeRunner) - so
now they need to recrack it.
regCode algorithms:
- hide it.. as much as you can. they copy this, codes
get given out everywhere.
i have a self-modifying segment of code (not really
self-modifying, but i encrypt a data array - then
execute it :P)
this means you need to do the following:
a) write your algorithm (in C or whatever)
b) compile to assembly, get opcodes
c) encrypt opcodes, and store in an array,
d) when "regcheck" occurs, decrypt, and execute.
anti crack:
- CRC checks (i dont know how to do this, some code
sample
would be very nice)! *hint* *hint*
- DO NOT have a function called "checkRegistration" or
something that returns a boolean. this is where they
crack in 2 seconds.. write a macro or something else
that does this check..
just my 2c.. lets see how long it takes them to get
LodeRunner
cracked again (i have spent one day on this - hopefully
worth it)
- decompiling the regcode algorithm is going to be tricky.
they need to disassemble, do some math.. and disassemble
again.
:) have fun hackers.. :P
cheers.
az.
--
Aaron Ardiri
Lecturer http://www.hig.se/~ardiri/
University-College i G�vle mailto:[EMAIL PROTECTED]
SE 801 76 G�vle SWEDEN
Tel: +46 26 64 87 38 Fax: +46 26 64 87 88
Mob: +46 70 352 8192 A/H: +46 26 10 16 11
