Software Protection Survey
-
Our company is in the process of releasing a system that will help you protect your software from piracy and help you manage your customer licensing. Would you participate in a survey to assist us in providing the right product to meet your needs? We realise your time is valuable, so we're giving you the opportunity to win a prize, just for participating. If you would like a product that properly protects your software, please complete our survey at dev.rootsoftware.com. Many thanks. (BTW, this is a genuine survey, not dressed-up advertising or hit generation.) Russell Robinson (russellr@rootsoftware.com) Author of TTMaker (Advanced Timetabling Software) http://www.rootsoftware.com
-
Our company is in the process of releasing a system that will help you protect your software from piracy and help you manage your customer licensing. Would you participate in a survey to assist us in providing the right product to meet your needs? We realise your time is valuable, so we're giving you the opportunity to win a prize, just for participating. If you would like a product that properly protects your software, please complete our survey at dev.rootsoftware.com. Many thanks. (BTW, this is a genuine survey, not dressed-up advertising or hit generation.) Russell Robinson (russellr@rootsoftware.com) Author of TTMaker (Advanced Timetabling Software) http://www.rootsoftware.com
IMO this guy is doing the best he can to tread softly in order to get people to participate in this survey, but I wonder - how effective do people think these products are ? I'd think such a product is a gold mine to crackers - ANY protection can be broken, and even though I'd presume they'd create something seriously hard to overcome, doesn't overcoming it mean you've cracked a whole swag of programs instead of just the one ? Christian The tragedy of cyberspace - that so much can travel so far, and yet mean so little. "I'm somewhat suspicious of STL though. My (test,experimental) program worked first time. Whats that all about??!?! - Jon Hulatt, 22/3/2002
-
IMO this guy is doing the best he can to tread softly in order to get people to participate in this survey, but I wonder - how effective do people think these products are ? I'd think such a product is a gold mine to crackers - ANY protection can be broken, and even though I'd presume they'd create something seriously hard to overcome, doesn't overcoming it mean you've cracked a whole swag of programs instead of just the one ? Christian The tragedy of cyberspace - that so much can travel so far, and yet mean so little. "I'm somewhat suspicious of STL though. My (test,experimental) program worked first time. Whats that all about??!?! - Jon Hulatt, 22/3/2002
Anyone who has looked seriously at copy protection and licensing knows that you are pretty much waisting your time using "off-the-shelf" solutions as they are the ones the crackers go for. The worst schemes are the ones that "wrap your app" or just need "one call to a DLL" and all it takes is 5 minutes of your time. These are usually the easiest to break. That said if you want a simple system that thwaites most of the people most of the time that type of approach may be adequate. However if you really want to protect your software then what is needed is for the developer to get more seriously involved and come up with a solution which is not the same as everyone elses, and therefore not worth the effort for most crackers to try and hack. This can still be done using third party code which you customize to create a unique solution. I know Russell and am aware of some of his ideas and I think he can come up with something genuinelly usefull if we can help him out with some input via. his survey and maybe Beta testing down the track. Some of what Russell is looking at is implemented already in his product TTMaker and also in my programmer's editor, ED4W. I'd be very interested to see if anyone can crack the protection and licensing in ED. Take that as a challenge;P Neville Franks, Author of ED for Windows. www.getsoft.com
-
IMO this guy is doing the best he can to tread softly in order to get people to participate in this survey, but I wonder - how effective do people think these products are ? I'd think such a product is a gold mine to crackers - ANY protection can be broken, and even though I'd presume they'd create something seriously hard to overcome, doesn't overcoming it mean you've cracked a whole swag of programs instead of just the one ? Christian The tragedy of cyberspace - that so much can travel so far, and yet mean so little. "I'm somewhat suspicious of STL though. My (test,experimental) program worked first time. Whats that all about??!?! - Jon Hulatt, 22/3/2002
Your "I wonder" is accurate - previous products have been ineffective. Yes, probably any protection scheme can be overcome, but would you spend 3 months cracking a program that costs $30? Or, what if the author releases a new version every 2 months? If we were offering a Software Protection System that worked the same for every product that uses it, then, yes, it would be a gold mine for crackers. That's one of the main problems with the current protection systems that are available. Our system is different. Each product that uses our system will have protection that's unique to the product. So, if you crack our system on one product, that's all you've got. Participate in the survey (anonymously if you like). If no one wants this stuff, then we won't release it. Russell Robinson (russellr@rootsoftware.com) Author of TTMaker (Advanced Timetabling Software) http://www.rootsoftware.com
-
Your "I wonder" is accurate - previous products have been ineffective. Yes, probably any protection scheme can be overcome, but would you spend 3 months cracking a program that costs $30? Or, what if the author releases a new version every 2 months? If we were offering a Software Protection System that worked the same for every product that uses it, then, yes, it would be a gold mine for crackers. That's one of the main problems with the current protection systems that are available. Our system is different. Each product that uses our system will have protection that's unique to the product. So, if you crack our system on one product, that's all you've got. Participate in the survey (anonymously if you like). If no one wants this stuff, then we won't release it. Russell Robinson (russellr@rootsoftware.com) Author of TTMaker (Advanced Timetabling Software) http://www.rootsoftware.com
Russell Robinson wrote: Our system is different. Each product that uses our system will have protection that's unique to the product. It doesn't matter what method of protection is used: if you are selling a library or a component that others can call to protect their software - crackers can remove or bypass those calls very easily. Crackers won't even need to figure out what your protection scheme is - they just take it all out. Is it not true? I am not a security/protection expert, so please correct me if I am wrong.
-
Russell Robinson wrote: Our system is different. Each product that uses our system will have protection that's unique to the product. It doesn't matter what method of protection is used: if you are selling a library or a component that others can call to protect their software - crackers can remove or bypass those calls very easily. Crackers won't even need to figure out what your protection scheme is - they just take it all out. Is it not true? I am not a security/protection expert, so please correct me if I am wrong.
Our system overcomes this difficulty.
This isn't necessarily how our product will work, but, imagine if we sold you source code and a manual.
With the source code, using some clever #define's (in C/C++) and other techniques, the protection code in your application could be:
- spread around your app and therefore difficult to find
- disguised; not obviously anything to do with protection
- critical to the operation of your app - so any removal or disablement would cause your app to stop working
- unique to your application
That's just an idea of how we can overcome these difficulties.
I recommend the following site to give you some other ideas of what can be achieved: http://inner-smile.com/nocrack.phtml Russell Robinson (russellr@rootsoftware.com) Author of TTMaker (Advanced Timetabling Software) http://www.rootsoftware.com
-
IMO this guy is doing the best he can to tread softly in order to get people to participate in this survey, but I wonder - how effective do people think these products are ? I'd think such a product is a gold mine to crackers - ANY protection can be broken, and even though I'd presume they'd create something seriously hard to overcome, doesn't overcoming it mean you've cracked a whole swag of programs instead of just the one ? Christian The tragedy of cyberspace - that so much can travel so far, and yet mean so little. "I'm somewhat suspicious of STL though. My (test,experimental) program worked first time. Whats that all about??!?! - Jon Hulatt, 22/3/2002
My experience is not with cheap ($20 ~ $200), mass-selling software. I sell enterprise solutions for credit assessment, where you sell one or two copies a month. You could be surprised that even in this mature software market there is so much piracy. I'm using a HASP to protect my software. As a hardware lock, it's hard to overcome this kind of protection, specially when the lock really does something useful, not only a "is-hardlock-present" question. In my case, I use it for some computations, so, if the hardlock is not present, someone would have to write a device driver and a code that emulate that function. I believe that constant contact with my customer is an important "feature" of my software, that is disabled in case of piracy. My software needs constant upgrading, because it talks to a miriad of credit information bureaus, that change their protocol (to add more information) on a constant basis. This way, the software naturally "times-out", even if you break the hard lock. If I knew someone broke a protection scheme I bought, I could change it in no time, buying it from another vendor. Just buy a hardlock from another vendor. In fact, it's clever to do it even if someone did not break it. IMHO, it's very complicated to break good hardware-based protection schemes, but software-protection schemes are much simpler, does not matter how clever they are. There is a new kind of protection scheme starting to appear: network (internet) based, where there is a "virtual hardlock"; it is actually a Web Server (or another socket solution). This kind of protection is pretty good for .NET-like software and may become a common protection scheme in the near future. There are some issues like DNS, proxy and router-based attacks, but it's pretty strong. You could also relocate some important functionality of your software to your server, so the software only would work with a compatible Web Service. Crivo Automated Credit Assessment
-
My experience is not with cheap ($20 ~ $200), mass-selling software. I sell enterprise solutions for credit assessment, where you sell one or two copies a month. You could be surprised that even in this mature software market there is so much piracy. I'm using a HASP to protect my software. As a hardware lock, it's hard to overcome this kind of protection, specially when the lock really does something useful, not only a "is-hardlock-present" question. In my case, I use it for some computations, so, if the hardlock is not present, someone would have to write a device driver and a code that emulate that function. I believe that constant contact with my customer is an important "feature" of my software, that is disabled in case of piracy. My software needs constant upgrading, because it talks to a miriad of credit information bureaus, that change their protocol (to add more information) on a constant basis. This way, the software naturally "times-out", even if you break the hard lock. If I knew someone broke a protection scheme I bought, I could change it in no time, buying it from another vendor. Just buy a hardlock from another vendor. In fact, it's clever to do it even if someone did not break it. IMHO, it's very complicated to break good hardware-based protection schemes, but software-protection schemes are much simpler, does not matter how clever they are. There is a new kind of protection scheme starting to appear: network (internet) based, where there is a "virtual hardlock"; it is actually a Web Server (or another socket solution). This kind of protection is pretty good for .NET-like software and may become a common protection scheme in the near future. There are some issues like DNS, proxy and router-based attacks, but it's pretty strong. You could also relocate some important functionality of your software to your server, so the software only would work with a compatible Web Service. Crivo Automated Credit Assessment
Hmm, I'm not sure that hardware lock is better than anything else. Both side participates in hardware lock - hardware itself and your software. But why cracker should spend time on making that lock if he can find out how to make your program to "think" that it got needed response from hardware? Again, everything can be cracked, just comes out the question - is it worth? I'm deeply understand crackers and people who use cracked software. Soft is too expensive. Ok, I'm not talking about your system for example, have no clue in it. But think about games for example. If you'll sell your game for 5$, than cracker won't want to spend much time to remove the protection. Not worth, and you as a customer will want to buy a not-cracked one, because you'll get support, upgrades and whatever. But when you are selling for 200-300-500.... $. You think many people will buy it? I don't think so. So my thought that there is not much to do with protection itself, but review the prices for example... But I'm against this, since it will lower programmers' salary also :) Philip Patrick Web-site: www.saintopatrick.com "Two beer or not two beer?" Shakesbeer Need Web-based database administrator? You already have it!
-
Hmm, I'm not sure that hardware lock is better than anything else. Both side participates in hardware lock - hardware itself and your software. But why cracker should spend time on making that lock if he can find out how to make your program to "think" that it got needed response from hardware? Again, everything can be cracked, just comes out the question - is it worth? I'm deeply understand crackers and people who use cracked software. Soft is too expensive. Ok, I'm not talking about your system for example, have no clue in it. But think about games for example. If you'll sell your game for 5$, than cracker won't want to spend much time to remove the protection. Not worth, and you as a customer will want to buy a not-cracked one, because you'll get support, upgrades and whatever. But when you are selling for 200-300-500.... $. You think many people will buy it? I don't think so. So my thought that there is not much to do with protection itself, but review the prices for example... But I'm against this, since it will lower programmers' salary also :) Philip Patrick Web-site: www.saintopatrick.com "Two beer or not two beer?" Shakesbeer Need Web-based database administrator? You already have it!
Ok, here's my first post, and thoughts on the topic. Generic software protections are bad because they're generic (kinda obvious). If you want any kind of decent protection it really does need to be completely involved with the rest of your code. For example, TimeLock -- a protection that was contained within tl32v20.dll. Inside this there were I think two comparisons for the correct unlock code. By modifying a simple part, any software could be unlocked. If you visit astalavista.box.sk you can see the countless number of protections that have been broken, from the relatively inexpensive to the extremely expensive. Reversers and crackers hold software protection companies in fairly low regard, and as such there's probably a fairly high desire to obliterate any generic protections produced. Protection routines have to be interwoven with the rest of your application. A simple check like "If isRegistered Then EnableWindow Else DisableWindow" is easy to remove, since you can either change the parameter for enablewindow to true, and its enabled even with a wrong code, or, change the comparison so it checks the generated code, with the generated code etc. There are a few sites with good suggestions for coding protections, for example, whereby the protection routine is required to build a necessary structure. Thus, if the protection routine is removed the structure isn't built and thus renders the application unstable or useless. Alternatively, if the incorrect code is entered, likewise, the structure will be built incorrectly. Of course, if it was this simple then there would be masses of great protections. Some are better than others, but its really no substitute for creating one yourself. For example, a while ago while I was reading into this subject, a reverser had suggested using a grid of checkboxes. Instead of comparing a string with a string, a random sequence of checkboxes in an array were compared. Because its not a commonly used method it requires more thought than the regular serial number entry. Or, you could incorporate parts of the structures or code within pictures using steganography. Using a somewhat similar approach to passwords that MS Research recently demonstrated, by offering users a selection of pictures. Only if the correct combination is selected will the necessary code exist to run. Again, by using something a little unique, it makes the task of cracking it a little harder. (Bear in mind I've just had this thought off the top of my head, so it may be seriously flawe
-
Our company is in the process of releasing a system that will help you protect your software from piracy and help you manage your customer licensing. Would you participate in a survey to assist us in providing the right product to meet your needs? We realise your time is valuable, so we're giving you the opportunity to win a prize, just for participating. If you would like a product that properly protects your software, please complete our survey at dev.rootsoftware.com. Many thanks. (BTW, this is a genuine survey, not dressed-up advertising or hit generation.) Russell Robinson (russellr@rootsoftware.com) Author of TTMaker (Advanced Timetabling Software) http://www.rootsoftware.com
What software authors really need for piracy protection is OS and hardware support. The OS and the hardware needs to keep users from reading (in an editor) and writing (for patches) executable files. This would also require encryption of some kind, to keep EXEs from being modified on non-compliant OSes... But wait, that's Digital Rights Management stuff, and I don't like that. Hmm... -c
"Do you mind if I smoke?" "Madam, I don't care if you burn." -Oscar Wilde Smaller Animals Software, Inc.
-
What software authors really need for piracy protection is OS and hardware support. The OS and the hardware needs to keep users from reading (in an editor) and writing (for patches) executable files. This would also require encryption of some kind, to keep EXEs from being modified on non-compliant OSes... But wait, that's Digital Rights Management stuff, and I don't like that. Hmm... -c
"Do you mind if I smoke?" "Madam, I don't care if you burn." -Oscar Wilde Smaller Animals Software, Inc.
There are a number of programs around which encrypt and pack .EXE's and decrypt and unpack them when they are loaded. From the reseach I did about a year+ back I was led to the conclusion that these techniques can cause problems, so I haven't used them. I think a better technique is to use something like a one-way hash on the .EXE which is then used to detect if it has been modified. Theoretically and in practice I think it would be quite difficult for a hacker to work around this. Neville Franks, Author of ED for Windows. www.getsoft.com
-
IMO this guy is doing the best he can to tread softly in order to get people to participate in this survey, but I wonder - how effective do people think these products are ? I'd think such a product is a gold mine to crackers - ANY protection can be broken, and even though I'd presume they'd create something seriously hard to overcome, doesn't overcoming it mean you've cracked a whole swag of programs instead of just the one ? Christian The tragedy of cyberspace - that so much can travel so far, and yet mean so little. "I'm somewhat suspicious of STL though. My (test,experimental) program worked first time. Whats that all about??!?! - Jon Hulatt, 22/3/2002
I can't talk about buisness apps, but in the games industry copy protection is just a method of slowing the pirates down, rather than preventing them altogether. Most of the sales of videogames happen in the first couple of months after release, so if the copy protection on a title is cracked 3 months after release, it would be considered sucessful, since pirate copies wouldn't have been able to effect the main selling period. Also using a farmed out copy protection system, really depends on how it works. The best form of protection is to distribute the piracy checks throughout the whole codebase, thus making it very dificult for the cracker to know that they've all been removed. Something like that would have to be found and overcome on a per-title basis, even if the cracker knows what basic system is being used. -- Help me! I'm turning into a grapefruit!
-
There are a number of programs around which encrypt and pack .EXE's and decrypt and unpack them when they are loaded. From the reseach I did about a year+ back I was led to the conclusion that these techniques can cause problems, so I haven't used them. I think a better technique is to use something like a one-way hash on the .EXE which is then used to detect if it has been modified. Theoretically and in practice I think it would be quite difficult for a hacker to work around this. Neville Franks, Author of ED for Windows. www.getsoft.com
Neville Franks wrote: From the reseach I did about a year+ back I was led to the conclusion that these techniques can cause problems, so I haven't used them. I haven't had any problems using PE compression and encrypting, stuff, although advice everywhere suggests it is not good to do. :confused: Regardz Colin J Davies
Sonork ID 100.9197:Colin
I think it's interesting that we often qu-ote each other in our sigs and attribute the qu-otes to "The Lounge". --- Daniel Fergusson, "The Lounge"
-
Neville Franks wrote: From the reseach I did about a year+ back I was led to the conclusion that these techniques can cause problems, so I haven't used them. I haven't had any problems using PE compression and encrypting, stuff, although advice everywhere suggests it is not good to do. :confused: Regardz Colin J Davies
Sonork ID 100.9197:Colin
I think it's interesting that we often qu-ote each other in our sigs and attribute the qu-otes to "The Lounge". --- Daniel Fergusson, "The Lounge"
****Colin Davies wrote: I haven't had any problems using PE compression and encrypting, stuff, although advice everywhere suggests it is not good to do. I can't site any specific cases. For larger apps loading is slowed down, which could be a problem. This is a seperate issue again though. Neville Franks, Author of ED for Windows. www.getsoft.com
-
I can't talk about buisness apps, but in the games industry copy protection is just a method of slowing the pirates down, rather than preventing them altogether. Most of the sales of videogames happen in the first couple of months after release, so if the copy protection on a title is cracked 3 months after release, it would be considered sucessful, since pirate copies wouldn't have been able to effect the main selling period. Also using a farmed out copy protection system, really depends on how it works. The best form of protection is to distribute the piracy checks throughout the whole codebase, thus making it very dificult for the cracker to know that they've all been removed. Something like that would have to be found and overcome on a per-title basis, even if the cracker knows what basic system is being used. -- Help me! I'm turning into a grapefruit!
benjymous wrote: Also using a farmed out copy protection system, really depends on how it works. The best form of protection is to distribute the piracy checks throughout the whole codebase, thus making it very dificult for the cracker to know that they've all been removed. Something like that would have to be found and overcome on a per-title basis, even if the cracker knows what basic system is being used. Absolutely one of the keys (no pun intended) to achieving a better outcome. Also don't check the second the app starts, but some random time later, every nth use, or whatever. Lots of twists to make it more difficult. By using a range of techniques you can accomplish a lot. Neville Franks, Author of ED for Windows. www.getsoft.com
-
There are a number of programs around which encrypt and pack .EXE's and decrypt and unpack them when they are loaded. From the reseach I did about a year+ back I was led to the conclusion that these techniques can cause problems, so I haven't used them. I think a better technique is to use something like a one-way hash on the .EXE which is then used to detect if it has been modified. Theoretically and in practice I think it would be quite difficult for a hacker to work around this. Neville Franks, Author of ED for Windows. www.getsoft.com
Neville Franks wrote: Theoretically and in practice I think it would be quite difficult for a hacker to work around this.
if (dwCRC != dwGoodCRC)
{
badEXE();
}it's easy. -c
"Do you mind if I smoke?" "Madam, I don't care if you burn." -Oscar Wilde Smaller Animals Software, Inc.
-
Neville Franks wrote: Theoretically and in practice I think it would be quite difficult for a hacker to work around this.
if (dwCRC != dwGoodCRC)
{
badEXE();
}it's easy. -c
"Do you mind if I smoke?" "Madam, I don't care if you burn." -Oscar Wilde Smaller Animals Software, Inc.
Chris Losinger wrote: if (dwCRC != dwGoodCRC){ badEXE();} it's easy. If the hacker can find this test, and assuming it is done in only one place then yes it can be bypassed. But if you do something as simple as this then of course you won't have a very good protection system. Also the problem with a CRC is that a hacker can patch your code then calculate a new correct CRC and apply it. That is why I've suggested using a one way hash, and not a CRC. Neville Franks, Author of ED for Windows. www.getsoft.com
-
Chris Losinger wrote: if (dwCRC != dwGoodCRC){ badEXE();} it's easy. If the hacker can find this test, and assuming it is done in only one place then yes it can be bypassed. But if you do something as simple as this then of course you won't have a very good protection system. Also the problem with a CRC is that a hacker can patch your code then calculate a new correct CRC and apply it. That is why I've suggested using a one way hash, and not a CRC. Neville Franks, Author of ED for Windows. www.getsoft.com
how is a hash function more tamper proof than a crc function? they're both data-in, data-out. -c
"Do you mind if I smoke?" "Madam, I don't care if you burn." -Oscar Wilde Smaller Animals Software, Inc.
-
how is a hash function more tamper proof than a crc function? they're both data-in, data-out. -c
"Do you mind if I smoke?" "Madam, I don't care if you burn." -Oscar Wilde Smaller Animals Software, Inc.
When you generate the hash you use a key which only you know. The key never appears in the app, so it isn't possible for anyone else to generate a hash that will work. Neville Franks, Author of ED for Windows. www.getsoft.com
-
****Colin Davies wrote: I haven't had any problems using PE compression and encrypting, stuff, although advice everywhere suggests it is not good to do. I can't site any specific cases. For larger apps loading is slowed down, which could be a problem. This is a seperate issue again though. Neville Franks, Author of ED for Windows. www.getsoft.com
Neville Franks wrote: For larger apps loading is slowed down, Fair enough, most of my apps are "tiny" and are not Enterprise sized. Regardz Colin J Davies
Sonork ID 100.9197:Colin
I think it's interesting that we often qu-ote each other in our sigs and attribute the qu-otes to "The Lounge". --- Daniel Fergusson, "The Lounge"