> > wola.. the byte change is from 0x66 to 0x67, and, the crackers
> > just reversed your "registration check". it means squat how good
> > your key is, if they can still mess with the code directly and
> > change the internal logic of the program.
>
> No one would protect code just doing that. There are lots of things
> you can do cryptographically (anyone want to help me get an export
> license for my Palm Open PGP implementation)? And with hardware.
they can still get around the hardware too, hook up palm-debugger
to the device, and there you go, everything is open again.
well, i was encrypting a code segment based on an RC4 encryption
algorithm - it doesn't take half a brain to figure out.. "hey,
lets make the emulator/device perform the decryption" if they
can read your code well enough (well, the disassembled stuff)
they will know where to setup a "trap #8" just after your
decryption routine was called. then, they have access to it
in its natural form.
cryptography = means nothing here. you MUST return to the original
data at some stage, and this is where it is vunerable.
> If you think your system is so good, then I offer this challenge.
> Alter your license to make cracks legal if the method and sources to
> the crack are given. So if you fail, the Palm Economy gets the
> current version of your product free. Maybe your system is snake-oil,
> maybe it is robust. But since places like PalmGear and Palm
> Inc. probably wouldn't accept a counterpaper explaining how the system
> is weak or could be cracked (e.g. the beam prevent flag), any
> challenger doesn't have a publisher.
did i burst your bubble today? and, to correct you - the "trojan"
had nothing to do with the protection system. it was in fact, a
seperate application - it just happened to share the same icon as
the official liberty applicaiton
my games are FREE - and yes, i dont believe my system is "perfect"
you will NEVER be able to develop a system that is fool proof. the
only thing you can do is make it difficult enough so that they will
give up. i dont care if people crack software - i look into this
out of 100% pure interest, other people are interested in it too.
in many cases, this is all that is required to have a crack-deterrant.
it all depends on your application - if people want it bad, and it
is really good, then they wont rest until they crack it. do you
also think that the people who deal with warez are even going to
buy the software? no.
> Back in the Atari ST days I saw quite a few things. One system had
> 80% of the floppys fail on every system. All were eventually cracked.
you need to draw the line.
consider all options - a) users, b) crackers. the risk should never
be placed on the users. do some simple checks.. keep it transparent
to the users, and everything should be fine.
i think, the problem is that Palm used the m68k processor :) heaps
of old amiga people out there - still loving to crack away :P and
heck, m68k is the entry level assembler in most universities these
days!
cheers
// az
[EMAIL PROTECTED]
http://www.ardiri.com/ <--- free games!
--
For information on using the Palm Developer Forums, or to unsubscribe, please see
http://www.palmos.com/dev/tech/support/forums/
