well said.. exactly my point..
not prevention.. just keep it uncrackable long enough for me to
make some money :P
az.
--
Aaron Ardiri
Lecturer http://www.hig.se/~ardiri/
University-College i G�vle mailto:[EMAIL PROTECTED]
SE 801 76 G�vle SWEDEN
Tel: +46 26 64 87 38 Fax: +46 26 64 87 88
Mob: +46 70 352 8192 A/H: +46 26 10 16 11
On Wed, 9 Jun 1999, Jason Dawes wrote:
> At 12:28 PM 6/9/99 -0700, you wrote:
> >Jason Dawes wrote:
> >
> >Sorry, I still don't get it.
>
> Yeah, you do, you're just looking at it the wrong way. You're right what
> you say that all this sort of scheme does is make things a little bit
> harder - that's the point. Maybe you think cracking programs is fairly
> easy - remember that a large percentage of the population doesn't. Look at
> it the same way a marketing firm would: stastically, no-one understands
> this stuff enough to crack any program. This is why most large software
> firms just put a simple registration code in & sometimes even make you have
> the CD in the machine. Any cracks that happen to turn up are random
> aberations that probably fall under "shrinkage" and are either tax
> deductable or make good insurance claims.
>
> >Whatever code does the registration checking can just be avoided by
> judiciously
> >placed branch instructions.
> >If you're calling a function that is a necessary part of the program logic
> >and checking the result, a cracker wouldn't patch the function itself, but
> >the one (or more) calls to that function that affect only the reg code
> decision.
>
> Adding things like a CRC check of the registration code within the code the
> program depends on helps here, but it's a never ending game. You must also
> take into consideration that _all_ security schemes increase complexity and
> reduce speed. I guess you could say that a program that won't run is the
> most secure.
>
> >I suppose you can make it harder to find the right place to put the
> >branch that will avoid the reg code checking without affecting other
> >parts of the program, but I can't see how it can be made terribly
> >difficult in any case.
>
> This is the whole point of this sort of scheme - you don't make it
> impossible, just harder. You're trying to make it so hard most crackers
> give up in disgust.
> However, you're never going to stump professional/obsessive crackers.
>
> (Which is why most people are content with a lock on their doors & thats
> about it - they know professional criminals are going to get in if they
> want, they just try not to think about it)
>
>
>
>