On 15 Sep 2006, at 12:49, Mark O'Neill wrote:
My *personal* stance is to make a demo version available which has
features
completely omitted - no 30 trial, no features that can be "unlocked",
because if that code is not even in the app, there's nothing to hack.
Shareware is a good model, but it's just not safe these days. There
are so
many hacker groups trying to out-hack one another that they'll
practically
hack *anything*.
Only send out a full version of your software (and protect it with
a key
code if you like) to people who have already purchased.
That's the model I'll be using for my applications in future
anyway, but
each to their own...
Sadly enough, this is about as safe as normal serial protection,
you'll see the full version of your app appear within days on
Bittorrent sites, forums, ... One way to have some way of tracking
who's distributing your app, would be to compile a marked version
(make sure you encrypt the registrant's data, so they can't just find
it in clear text and strip it) for each sale.
Serial protection: they'll find out your algorithm (and realbasic
apps are apparently amongst the most easy to crack)
Calling home validation: they'll add a remark with the serial number
to block outgoing connection with Norton Internet Security or Little
Snitch
Complex protection: they'll patch your validation with a crack, which
just does something like: "if serialnumbervalid then continue else
continue end if", instead of "if serialnumbervalid then continue else
tell user serial is invalid end if", thus making all your protection
worth nothing
Only full version when license is paid: distribute it through warez
channels, just look at Saft for example, it's so easily available
through MSJ
A good way to protect your software (for a while), is to post a
serial on these forums yourself, with one catch: after a few months,
it says: "Hey you, it seems you have been using my software illegally
and you've used it xx times, don't you think you can spend the modest
fee of $xx for my app?". It's very simple to implement, and once
there's a serial out there, you won't have hackers trying to find one
during the initial months after the release when the serial is seen
as "valid" and you'll probably have a few more registrations this
way. This is especially effective if your software has everyday use,
i.e. once it stops working, the illegal user is in serious trouble.
All in all, any protection can be cracked or circumvented (even that
nifty QuarkXPress 4 dongle protection back in the days was cracked),
so don't spend months implementing the "ultimate" protection scheme.
Most hackers crack software because they see it as a challenge, they
clearly don't have much else to do ;-)
Best regards
Peter De Berdt
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
