Crackers - They think that they are so smart!
-
Hi, I got this e-mail 5 minutes ago. It seems really interesting. These son of bi****s think that they are very clever. AGGGGH. I am really VERY ANGRY!!! :mad: :mad: ******************************************************* We are two friends from Spain. We heard about your program and we tried it for a while. We really enjoyed with it and we decided to have it forever. And you will wonder... how? As you know (and everybody knows) we only had to find the crack for the version v 1.5 We REALIZED that you had changed the program but not the version, so the crack did not work. What did we do? Just search the previous version (still named version 1.5) and finally the patch worked. We are very sorry, but we are not paying you anything for the program. You thought you were cleverer than ours, but remember... never underestimate the power of two anxious people. It is time to say you goodbye, and do not worry because we are telling the crackers that you have changed the program without changing the version number. Bye. ******************************************************* Mustafa Demirhan
-
Hi, I got this e-mail 5 minutes ago. It seems really interesting. These son of bi****s think that they are very clever. AGGGGH. I am really VERY ANGRY!!! :mad: :mad: ******************************************************* We are two friends from Spain. We heard about your program and we tried it for a while. We really enjoyed with it and we decided to have it forever. And you will wonder... how? As you know (and everybody knows) we only had to find the crack for the version v 1.5 We REALIZED that you had changed the program but not the version, so the crack did not work. What did we do? Just search the previous version (still named version 1.5) and finally the patch worked. We are very sorry, but we are not paying you anything for the program. You thought you were cleverer than ours, but remember... never underestimate the power of two anxious people. It is time to say you goodbye, and do not worry because we are telling the crackers that you have changed the program without changing the version number. Bye. ******************************************************* Mustafa Demirhan
I feel your pain brother, They are ar*eh*les. Everyone knows all safes can be cracked, And so all software can be cracked also. What makes a software developer great isn't creating an uncrackable program, but the insight, and creativity to develop an application that ar*eh*les will want to crack or imitate. I'm sure many of us here at CP forum understand how you feel. Regardz Colin J Davies P.S I need beta testers for VMTU.
Speed up your internet connection with VMTU
Variable Maximum Transfer Unit, or VMTU is an algorithm for negotiating the packet sizes passed from your Internet Service Provider (ISP) to your Internet TCP connection. The connection speed does not increase; the throughput of the modem is improved.
-
Hi, I got this e-mail 5 minutes ago. It seems really interesting. These son of bi****s think that they are very clever. AGGGGH. I am really VERY ANGRY!!! :mad: :mad: ******************************************************* We are two friends from Spain. We heard about your program and we tried it for a while. We really enjoyed with it and we decided to have it forever. And you will wonder... how? As you know (and everybody knows) we only had to find the crack for the version v 1.5 We REALIZED that you had changed the program but not the version, so the crack did not work. What did we do? Just search the previous version (still named version 1.5) and finally the patch worked. We are very sorry, but we are not paying you anything for the program. You thought you were cleverer than ours, but remember... never underestimate the power of two anxious people. It is time to say you goodbye, and do not worry because we are telling the crackers that you have changed the program without changing the version number. Bye. ******************************************************* Mustafa Demirhan
Hi Mustafa I understand your pain.... An year ago I wrote a spam cleaner and released it as shareware. It never expires but there is a nag screen at program-startup. recently a friend wanted to download it and asked me for the fastest mirror. I asked him to search google. He mailed me later saying, he got some 50 hits...about 20 of them were valid sites where the software was available for download...The remaining were all cracks or reg-key-generators :-) actually I felt a little happy too that so many crackers were interested enough to do that but then I guess they'd do it for any piece of shareware they came across :-) Nish
-
Hi, I got this e-mail 5 minutes ago. It seems really interesting. These son of bi****s think that they are very clever. AGGGGH. I am really VERY ANGRY!!! :mad: :mad: ******************************************************* We are two friends from Spain. We heard about your program and we tried it for a while. We really enjoyed with it and we decided to have it forever. And you will wonder... how? As you know (and everybody knows) we only had to find the crack for the version v 1.5 We REALIZED that you had changed the program but not the version, so the crack did not work. What did we do? Just search the previous version (still named version 1.5) and finally the patch worked. We are very sorry, but we are not paying you anything for the program. You thought you were cleverer than ours, but remember... never underestimate the power of two anxious people. It is time to say you goodbye, and do not worry because we are telling the crackers that you have changed the program without changing the version number. Bye. ******************************************************* Mustafa Demirhan
There isn't a damn thing you can do about it. All registration codes and stuff like that does it keep honest and stupid people legit. There is NOTHING you can do to prevent that stuff. :( That is one of the reasons you find I am such a big defender of the right of software producers. That even includes the EVIL Microsoft. :) Tim Smith Descartes Systems Sciences, Inc.
-
There isn't a damn thing you can do about it. All registration codes and stuff like that does it keep honest and stupid people legit. There is NOTHING you can do to prevent that stuff. :( That is one of the reasons you find I am such a big defender of the right of software producers. That even includes the EVIL Microsoft. :) Tim Smith Descartes Systems Sciences, Inc.
That is one of the reasons you find I am such a big defender of the right of software producers. That even includes the EVIL Microsoft. Yeah as much as I detest XP's Activation setup, I support them in creating it. If you want it pay for the blo*dy thing ! Regardz Colin J Davies P.S I need beta testers for VMTU.
Speed up your internet connection with VMTU
Variable Maximum Transfer Unit, or VMTU is an algorithm for negotiating the packet sizes passed from your Internet Service Provider (ISP) to your Internet TCP connection. The connection speed does not increase; the throughput of the modem is improved.
-
That is one of the reasons you find I am such a big defender of the right of software producers. That even includes the EVIL Microsoft. Yeah as much as I detest XP's Activation setup, I support them in creating it. If you want it pay for the blo*dy thing ! Regardz Colin J Davies P.S I need beta testers for VMTU.
Speed up your internet connection with VMTU
Variable Maximum Transfer Unit, or VMTU is an algorithm for negotiating the packet sizes passed from your Internet Service Provider (ISP) to your Internet TCP connection. The connection speed does not increase; the throughput of the modem is improved.
Yep. There is nothing that we can do. We can just make cracking harder. Nothing more. But the interesting thing is that these bast***s let me know that they cracked it, and it seems that they are very happy. X| PS: I hate to pay more than $1,000 each year to the EVIL Microsoft every year (for MSDN Professional Subs.) But that is the way it works. Mustafa Demirhan
-
Yep. There is nothing that we can do. We can just make cracking harder. Nothing more. But the interesting thing is that these bast***s let me know that they cracked it, and it seems that they are very happy. X| PS: I hate to pay more than $1,000 each year to the EVIL Microsoft every year (for MSDN Professional Subs.) But that is the way it works. Mustafa Demirhan
I hate to pay more than $1,000 each year to the EVIL Microsoft every year (for MSDN Professional Subs.) But that is the way it works Yeah if you want the MSDN you pay for it ! Just the same as what you should do for MacroAngel, Remember all comercial registration systems can be beat, thats why it pays to implement your own. Unfortunatly I spend 70% of my coding time now on security. But thats another spot us VC++ folk have over the commercial VBers who seem to all use commercialised protection systems. Actually the best secure coders, I've been told also practise cracking to learn how to protect. I'm not at that stage yet. Regardz Colin J Davies P.S I need beta testers for VMTU.
Speed up your internet connection with VMTU
Variable Maximum Transfer Unit, or VMTU is an algorithm for negotiating the packet sizes passed from your Internet Service Provider (ISP) to your Internet TCP connection. The connection speed does not increase; the throughput of the modem is improved.
-
I hate to pay more than $1,000 each year to the EVIL Microsoft every year (for MSDN Professional Subs.) But that is the way it works Yeah if you want the MSDN you pay for it ! Just the same as what you should do for MacroAngel, Remember all comercial registration systems can be beat, thats why it pays to implement your own. Unfortunatly I spend 70% of my coding time now on security. But thats another spot us VC++ folk have over the commercial VBers who seem to all use commercialised protection systems. Actually the best secure coders, I've been told also practise cracking to learn how to protect. I'm not at that stage yet. Regardz Colin J Davies P.S I need beta testers for VMTU.
Speed up your internet connection with VMTU
Variable Maximum Transfer Unit, or VMTU is an algorithm for negotiating the packet sizes passed from your Internet Service Provider (ISP) to your Internet TCP connection. The connection speed does not increase; the throughput of the modem is improved.
There is an interesting article, although focussed toward game programming, here. It goes into quite a lot of depth about the copy and crack protection scheme that a games company used and it kept crackers at bay for two months! I must admit, some of the techniques aren't applicable to non-games programming but I still found it an interesting read nonetheless. -- Andrew.
-
Hi, I got this e-mail 5 minutes ago. It seems really interesting. These son of bi****s think that they are very clever. AGGGGH. I am really VERY ANGRY!!! :mad: :mad: ******************************************************* We are two friends from Spain. We heard about your program and we tried it for a while. We really enjoyed with it and we decided to have it forever. And you will wonder... how? As you know (and everybody knows) we only had to find the crack for the version v 1.5 We REALIZED that you had changed the program but not the version, so the crack did not work. What did we do? Just search the previous version (still named version 1.5) and finally the patch worked. We are very sorry, but we are not paying you anything for the program. You thought you were cleverer than ours, but remember... never underestimate the power of two anxious people. It is time to say you goodbye, and do not worry because we are telling the crackers that you have changed the program without changing the version number. Bye. ******************************************************* Mustafa Demirhan
Programs will always be cracked but to contact the author to boast about it is lame.
-
Hi, I got this e-mail 5 minutes ago. It seems really interesting. These son of bi****s think that they are very clever. AGGGGH. I am really VERY ANGRY!!! :mad: :mad: ******************************************************* We are two friends from Spain. We heard about your program and we tried it for a while. We really enjoyed with it and we decided to have it forever. And you will wonder... how? As you know (and everybody knows) we only had to find the crack for the version v 1.5 We REALIZED that you had changed the program but not the version, so the crack did not work. What did we do? Just search the previous version (still named version 1.5) and finally the patch worked. We are very sorry, but we are not paying you anything for the program. You thought you were cleverer than ours, but remember... never underestimate the power of two anxious people. It is time to say you goodbye, and do not worry because we are telling the crackers that you have changed the program without changing the version number. Bye. ******************************************************* Mustafa Demirhan
it's amazing how all of those little cracker kiddies speak (type) alike. it's like they went to the same english-as-a-second-language school or something. and they're always so friggin arrogant and smug, but at the same time, full of typing and grammar mistakes. that drives me crazy. here's what i do: 1. release often, to keep the patch makers busy 2. control distribution by not letting anyone else host my stuff and no magazine CDs. this way, the only version available is the current version 3. only distribute the latest version. sometimes i'll get people asking me for specific old versions, probably because they have a patch that only works on that version. i never give it out. so after three years, my programs have hundreds of patches, but it's almost impossible to find any but the latest version. and that changes frequently enough that there's rarely a patch available for it. -c
Smaller Animals Software, Inc. http://www.smalleranimals.com
-
I hate to pay more than $1,000 each year to the EVIL Microsoft every year (for MSDN Professional Subs.) But that is the way it works Yeah if you want the MSDN you pay for it ! Just the same as what you should do for MacroAngel, Remember all comercial registration systems can be beat, thats why it pays to implement your own. Unfortunatly I spend 70% of my coding time now on security. But thats another spot us VC++ folk have over the commercial VBers who seem to all use commercialised protection systems. Actually the best secure coders, I've been told also practise cracking to learn how to protect. I'm not at that stage yet. Regardz Colin J Davies P.S I need beta testers for VMTU.
Speed up your internet connection with VMTU
Variable Maximum Transfer Unit, or VMTU is an algorithm for negotiating the packet sizes passed from your Internet Service Provider (ISP) to your Internet TCP connection. The connection speed does not increase; the throughput of the modem is improved.
I'm going to need to try and introduce some kind of registration system for my software in the next few months, however I'm clueless on how to go about it. Anybody point me in the direction of some info on how to start building one, Michael :-)
-
I'm going to need to try and introduce some kind of registration system for my software in the next few months, however I'm clueless on how to go about it. Anybody point me in the direction of some info on how to start building one, Michael :-)
the old standby: license files. make a little file with a whole lot of stuff in it (user name, email, phone number, etc), encrypted. send them that file. then for the 'registration' step, make the user enter some of the data that you've put in the license file. encrypt the entered data and compare it to the license. if it matches, hooray for them. store the entered data somewhere. or, if you don't like files, you can do a one-way hash of the user's data, send him that hash string. the registration step is then: user enters his data, you find the one-way hash of it and compare. if it works, hooray. store the hash stuff somewhere. or, here's a good one: get some user info (name, address, whatever) find the hash of it. get some registration options. combine the hash and the reg info in a structure of some kind, encrypt it, turn it into a hex string. send that string to the user. for the registration step, ask the user for the his info (name, address, whatever) and the string, decrypt the string, extract the two parts (hash and reg info). hash the entered info and compare to the string's hash. store the string and the hash stuff somewhere. i use these three in a few of my apps. the drawbacks are obvious, keygens and sharing of registration info. keygens are somewhat easy, unless you use public-key encryption. sharing of reg info is a tough one, but if you put name/address/phone # in the reg info, you can discourage this, too. don't test the reg info as soon as they enter it - that's too easy. store the reg info and force a restart. check the info incrementally, do parts throughout your startup sequence. do the good vs. bad comparisons in many places in your app. try to avoid having a "IsGoodUser" function that can easily be found and broken - do it with macros so that the code actually shows up everywhere. use a lot of different macros to do this - so that you aren't using code that looks the same everywhere. this just makes the cracker's job longer and more tedious. use code to test the integrity of your EXE. do a checksum or a CRC on your app. store the CRC value from the original EXE somewhere on the EXE itself (probably the end of the EXE, or on a utility DLL or some other file that you ship). test the CRC in many places in your app, not only at start up. do it in places a user might go only 10% of the time. fail in subtle ways, don't just pop up a message box that says "wahh! you modified me!". if the CRC check fails (ie., the app has been modified), you're either dealing with a cracker or a vi
-
the old standby: license files. make a little file with a whole lot of stuff in it (user name, email, phone number, etc), encrypted. send them that file. then for the 'registration' step, make the user enter some of the data that you've put in the license file. encrypt the entered data and compare it to the license. if it matches, hooray for them. store the entered data somewhere. or, if you don't like files, you can do a one-way hash of the user's data, send him that hash string. the registration step is then: user enters his data, you find the one-way hash of it and compare. if it works, hooray. store the hash stuff somewhere. or, here's a good one: get some user info (name, address, whatever) find the hash of it. get some registration options. combine the hash and the reg info in a structure of some kind, encrypt it, turn it into a hex string. send that string to the user. for the registration step, ask the user for the his info (name, address, whatever) and the string, decrypt the string, extract the two parts (hash and reg info). hash the entered info and compare to the string's hash. store the string and the hash stuff somewhere. i use these three in a few of my apps. the drawbacks are obvious, keygens and sharing of registration info. keygens are somewhat easy, unless you use public-key encryption. sharing of reg info is a tough one, but if you put name/address/phone # in the reg info, you can discourage this, too. don't test the reg info as soon as they enter it - that's too easy. store the reg info and force a restart. check the info incrementally, do parts throughout your startup sequence. do the good vs. bad comparisons in many places in your app. try to avoid having a "IsGoodUser" function that can easily be found and broken - do it with macros so that the code actually shows up everywhere. use a lot of different macros to do this - so that you aren't using code that looks the same everywhere. this just makes the cracker's job longer and more tedious. use code to test the integrity of your EXE. do a checksum or a CRC on your app. store the CRC value from the original EXE somewhere on the EXE itself (probably the end of the EXE, or on a utility DLL or some other file that you ship). test the CRC in many places in your app, not only at start up. do it in places a user might go only 10% of the time. fail in subtle ways, don't just pop up a message box that says "wahh! you modified me!". if the CRC check fails (ie., the app has been modified), you're either dealing with a cracker or a vi
But the hardest part is to select a place for storing the user data, installation date, ..etc. If one finds it and deletes it, 30 day counter will start from the beginning. Also CRC check can be easily cracked. I really cant imagine a way that cant be cracked. I even heard that Microsoft's Activation system is cracked so far. I cant believe this. But IMHO, the best way to stop these guys is having a web based registration system. Program connects to the server program, and checks if it is valid or not. For example, Add Web and some Internet Related programs uses this and it is quite efficient. But this has an disadvantage: This may make your REAL customers feel uncomfortable. :confused: Lastly, I used Armadillo Protection system in one of my programs and I loved it. "It wraps around your program like an armored shell, defending your work from pirates and program crackers while enforcing your license agreement." Moreover, it compresses your program and this makes it really really hard to crack the program. It also does many CRC checks, so that cracking the shell is also very hard. Currently, I cannot use it because 1. It uses 1-2 MB more memory 2. I may (rarely) have side-effects on some programs. It made my program to get the date/time of the system wrong. And since my program is a scheduling/automation program, I couldnt use it. Mustafa Demirhan
-
it's amazing how all of those little cracker kiddies speak (type) alike. it's like they went to the same english-as-a-second-language school or something. and they're always so friggin arrogant and smug, but at the same time, full of typing and grammar mistakes. that drives me crazy. here's what i do: 1. release often, to keep the patch makers busy 2. control distribution by not letting anyone else host my stuff and no magazine CDs. this way, the only version available is the current version 3. only distribute the latest version. sometimes i'll get people asking me for specific old versions, probably because they have a patch that only works on that version. i never give it out. so after three years, my programs have hundreds of patches, but it's almost impossible to find any but the latest version. and that changes frequently enough that there's rarely a patch available for it. -c
Smaller Animals Software, Inc. http://www.smalleranimals.com
Yes! This may be the best way. In fact it worked for me for more than 2 months :rolleyes: Mustafa Demirhan
-
I'm going to need to try and introduce some kind of registration system for my software in the next few months, however I'm clueless on how to go about it. Anybody point me in the direction of some info on how to start building one, Michael :-)
Heres a crackers link http://tsehp.cjb.net/ the guy Fravia doesn't sound so bad, the site has a lot of information on cracking and reverse engineering. You need to get into a crackers mind. I now mangle my exe's after building them and before puitting a wrap around installer on them. Also I check for debugggers functioning, and crash my apps on there detection. One trick I'm perfecting is hiding the process from the Windows spys, by self spooling semi-invisible processes and threads. I'm considering implementing a protection system similar to XP's activation. Unfortunatly if I or some one else publishes the specifics on registration techniques, It makes it like a commercial registration system(easy to crack) Regardz Colin J Davies P.S I need beta testers for VMTU.
Speed up your internet connection with VMTU
Variable Maximum Transfer Unit, or VMTU is an algorithm for negotiating the packet sizes passed from your Internet Service Provider (ISP) to your Internet TCP connection. The connection speed does not increase; the throughput of the modem is improved.
-
Heres a crackers link http://tsehp.cjb.net/ the guy Fravia doesn't sound so bad, the site has a lot of information on cracking and reverse engineering. You need to get into a crackers mind. I now mangle my exe's after building them and before puitting a wrap around installer on them. Also I check for debugggers functioning, and crash my apps on there detection. One trick I'm perfecting is hiding the process from the Windows spys, by self spooling semi-invisible processes and threads. I'm considering implementing a protection system similar to XP's activation. Unfortunatly if I or some one else publishes the specifics on registration techniques, It makes it like a commercial registration system(easy to crack) Regardz Colin J Davies P.S I need beta testers for VMTU.
Speed up your internet connection with VMTU
Variable Maximum Transfer Unit, or VMTU is an algorithm for negotiating the packet sizes passed from your Internet Service Provider (ISP) to your Internet TCP connection. The connection speed does not increase; the throughput of the modem is improved.
> You need to get into a crackers mind. Quite the oppsite. If you want to crack something you have to get into the mind of the one writing the anti-crack protection. I've never "released" a crack of anything, but I've analyzed a few programs for my own personal entertainment, and in this process I can say that I've gotten to know the minds of these people (mostly on IA32, and I can say I have come to know this POS - IA32). Around 1982, '83, I made Frogger use keyboard instead of joystick on my VIC-20, and from then on I've always been interested in copy- and crack- protections. This was for all intents and purposes a "crack" of the original game, even that it was only changes for my own pleasure and to the extent that I could play it with my hardware. This was only to display that not all "cracks" are bad. Fravia is a great resource for research and I honestly think anyone seriously interested in any part of these areas (either trying to lock down or trying to "crack") should read some essays. Some might be seen as silly but some are quite educating. If you think all using these techniques are "commercial crackers" you are wrong. There are even legit uses (morally right but US-law wrong, like getting a game to work with a DVD player that the game does not understand because of the non-accepted "copy protection"). >I now mangle my exe's after building them and before >puitting a wrap around installer on them. Wonderful. Makes your exe's look for all intent and purposes like a virus or a worm? > Also I check for debugggers functioning, and crash > my apps on there detection. Great idea. Let's crash! Seriously, this only makes your software look bad and no-one trying a cracked version would buy it. Sometimes after trying a cracked version people do buy the full product... > One trick I'm perfecting is hiding the process > from the Windows spys, by self spooling semi- > invisible processes and threads Do that, and I can almost assure you that you'll be declared a virus writer (for one thing you'd have to use undocumented NT calls) and I sure as hell wouldn't touch anything I knew you'd have been anywhere near. Not too god on a site as CodeProject, eh? "Hiding" a process == viral code IMNSHO. /Mike - No, I've never looked at VMTU and if I continue to see that ad I'd recooment everyone I know to never even try it! I don't want VMTU, I want a working 'net! You delay it.
-
But the hardest part is to select a place for storing the user data, installation date, ..etc. If one finds it and deletes it, 30 day counter will start from the beginning. Also CRC check can be easily cracked. I really cant imagine a way that cant be cracked. I even heard that Microsoft's Activation system is cracked so far. I cant believe this. But IMHO, the best way to stop these guys is having a web based registration system. Program connects to the server program, and checks if it is valid or not. For example, Add Web and some Internet Related programs uses this and it is quite efficient. But this has an disadvantage: This may make your REAL customers feel uncomfortable. :confused: Lastly, I used Armadillo Protection system in one of my programs and I loved it. "It wraps around your program like an armored shell, defending your work from pirates and program crackers while enforcing your license agreement." Moreover, it compresses your program and this makes it really really hard to crack the program. It also does many CRC checks, so that cracking the shell is also very hard. Currently, I cannot use it because 1. It uses 1-2 MB more memory 2. I may (rarely) have side-effects on some programs. It made my program to get the date/time of the system wrong. And since my program is a scheduling/automation program, I couldnt use it. Mustafa Demirhan