|
|
|
|
#1
05-12-2004, 00:46
|
|||
|
|||
|
hehehe, thanks for the info Ricardo and for being so kind with sisters
 Well, I was talking a bit about software protection in general. I read in a forum that one shareware author was asking why programs can be cracked when you have unbreakable cryptographic algoritms out there. Many programmers don't realise that to crack a program you dont need to have knowledge about cryptographic, just use other simpler ways (dump, rebuild IAT...). So, the shareware author was talking about his posibilities of programming a cryptographic algorithm in his program and that was the perfect software protector against cracking in general. (he was far from the reality  )
|
|
#3
05-12-2004, 01:08
|
|||
|
|||
|
If one uses the cryptographic process to protect certain functions in the software, which will not decrypt, and therefore not operate unless the proper code is entered and they have used a strong encryption "properly", it is not likely that one can get a fully functioning software unless one is capable of writing the missing elements. While this depends on the proper choice of the functions to protect, it is a fairly effective protection system. The problem is that the shareware software vendors seem not to impliment these features in their programs. This is a common problem of those who fail to use asprotect to its full potential. While I'm less familiar with the choices offered arma users, I would suspect that they,also, often fail to use its capabilities to their full potential, leaving aside the issue of the incorrect implimentation of the earlier cryptographic systems which was actually arma's error.
Regards,
__________________
JMI
|
|
#4
05-12-2004, 01:19
|
|||
|
|||
|
Hi JMI,
Yes, you are right and that's a good way to protect. Though that protection way is not applicable to all kind of software (like when you have to release a COMPLETE version of your program but with trial limits). Anyway, shareware authors can do a lot more from his source code like that encryption scheme that you talked about....Programmers seem very lazy for that and they just complain when it's cracked in a few days
|
|
#5
05-12-2004, 01:49
|
|||
|
|||
|
As a general rule, the only way to actually protect a trial software is to NOT make it complete. If you make it complete and give a timelimit, some enterprising cracker is going to figure out how to remove the time limit. Afterall, it has to have a check stored somewhere. Even having it check the software companies computer can be tricked. If one can keep the debugger running and has enough patience, it can be found and defeated.
Again, just a general observation. Regards,
__________________
JMI
|
|
#6
05-12-2004, 15:38
|
||||
|
||||
|
Peleon: "shareware authors can do a lot more from his source code like that encryption scheme that you talked about"
Very, very, very wrong my friend. First of all shareware and commercial authors have no clue how crackers work and which tools they use. Even if some of them know what tools crackers use then it would take them long years to defeat them (tools) and every day new tools are developed. I saw a lot of protected software in which the protection was "messed" and doubled sever times - for me it was obvious that it tooks a lot of time to design and test it but usually it took me no more than 20 minutes to defeat them, not because I am masta cracka but because the protection was not tested (by crackers). Tell an company to implement 1000 protections in their software and that won't change the fact that it would take few minutes to break it. What are the best protections? The one made by crackers - it is and will be a rule, always. Look at PeLock, Obsidium, AsProtect, AcProtect, etc. - they were made by crackers and beat every dongle and own commercial/shareware protections. About JMI idea. I agree totally. I will give you (Peleon) an example: 1. I am protecting an app. 2. I am crypting the code between 401234 - 404321 with my private RSA-1024 key. 3. Now I am generating hardware dependent licence files for every my customer which is connected with HDID+PubKey. 4. The software will run only with the proper key. How would you crack the sofware without LEGAL key bought for YOUR machine? If you won't buy the key - It's impossible. As you see carefully implemented software protection based on a cryptography gives you a lot better protection. Add some anti-*, anti-* and you have the strongest possible protection. Remember: the most simpliest ideas are the most strongest. Peleon: I don't want to learn or beat you. With all respect to your person (skilled for sure) I'm probably a little older man and that's why I've allowed myself to take a word in this discussion. Please learn from it and don't get offended. I left all the coments for you guys... It's very deep topic... dyn!o Last edited by dyn!o; 05-12-2004 at 15:46.
|
|
#7
05-12-2004, 16:04
|
|||
|
|||
|
Hi dyn!o, of course, not offended here
 Thanks a lot for the information. Indeed, lots to think about this subject cos it looks promisingDidnt know that Alexey (asprotect) was a cracker  Regards
|
|
#8
05-12-2004, 16:15
|
||||
|
||||
|
Yesterday I thought I know much. Today I think I knew very little. Tomorrow I will be sure I didn't knew anything.
Think about it .dyn!o
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| two questions for admin | TomaHawk | General Discussion | 8 | 04-01-2014 00:51 |
| 2 questions about hasp | suddenLy | General Discussion | 3 | 01-12-2005 01:51 |
| 2 questions (IDA / Windows 2k/2k3) | skyper | General Discussion | 8 | 04-22-2004 08:44 |
| questions about code | bartster | General Discussion | 19 | 02-14-2004 01:31 |
| some unpacking questions | gnasher | General Discussion | 2 | 01-03-2004 20:44 |
Hybrid Mode
