>> > the paper can be used in two ways.. for good and for "bad" :)
>>
>> *YAWN*
>>
>> We've heard all this from security gurus before.
>>
>> Publish or stop talking about it.
>
>There is a sure fire way to protect software. If it is worth
>it's salt, it will not need protection.
That may be just a little simplistic a viewpoint to take. If this
software isn't something that is essential, but rather, entertainment
value, often it will be pirated. In some cases, it's actually easier
to get ahold of a pirated version of some software than the official
version.
>Anyone who will resort to cracks, will not buy the software anyway.
>So there is no lost sale.
>There are enough honest people in the world to make a good piece of
>software sell itself.
Yeah, but tell that to a corporation that sets a sales bar for your
software to reach, and all of a sudden, you're only self-sufficient.
Then, you now magically don't have a job. Businesspeople expect
sales results, not self-sufficiency. In vertical markets, for example,
you're selling to maybe 4-5 major clients, and you HAVE to get as much
as you can in order to make your application solvent and able to
profit somewhat. If one of those clients were to pirate your software,
and you didn't know about it or could find out about it, you'd be
completely screwed.
>
>AND, there is NO software that cannot be cracked. The harder
>the challenge, the tastier the target. So, why bother.
The concept here is not to be uncrackable, but to be able to develop
enough strategies so that it's a serious pain to try to figure out
how a particular piece of software is protected. By the time the crack
is out, it's unusable, because the new version of the software has a
slightly different protection mechanism. =)
>
>AND, there is "no value added" in going to elaborate protection
>schemes. It's an interesting intellectual challenge, but offers no
>large rewards.
Actually, there IS value added. When you write software for a vendor,
they don't want their end users able to simply download and crack
the software that they've invested good money in.
>
>FINALLY, the last protection scheme that I would use is one where the
>full details of it's operation is published for the world to see....
I wouldn't mind a paper detailing the common methods of hacking Palm
programs, though...knowledge of this would help to develop methods of
copy protection that perhaps aren't as orthodox.
Actually, most people use a very heavily published method, namely,
checking the Hotsync user name. I'd appreciate a paper detailing most
or all of the common methods of protecting an application, so I can
have an idea whether or not my particular method is as effective as
anyone else's or not.
-Rus
--
For information on using the Palm Developer Forums, or to unsubscribe, please see
http://www.palmos.com/dev/tech/support/forums/
