Custome Security

[eAGLe_eYe]

Hi guys, sorry for this stupid question !

For the customised security of Software..
1.a license file like .lic etc contains information about valid serials,activation code,installation code and subscription expiry date and software version typy like Standard,Pro,enterprize,ultimate etc.
2.The .lic also contains some functions code which is depend on version type,for example Pro version has more functions than Standard.
3.When initialising main exe is reads all info about software and software type from .lic file which is provided to customer by vender.

These are my little and stupid logic for preventing software.
If any guys has info or experience about this type of logic,your advise or comments is much appreciate.

Best Regards,
eAGLe_eYe

[Kerlingen]

This is the way most modern software protection works. But you would probably find decryption keys for code already existing in the main exe in the license file instead of code missing from the software.

[giv]

The best custom protections are separate versions for each type of product each coded appropriately.

[eAGLe_eYe]

Quote:

But you would probably find decryption keys for code already existing in the main exe in the license file instead of code missing from the software.

Yes,this is most important part,but i want some functions code in the .lic file which can be write in exe instead.Is it possible that main exe execuite code from .lic file.
More foccus on this issue apppreciet.

Beast Regards,
eAGLe_eYe

[Ghandi2006]

Is it possible that main exe execuite code from .lic file.

Yes, read the file into memory and perform any modifications necessary then thunk with a call/jmp BUT being that it is modifying memory and then executing it, AV may flag it as malware.

For the customised security of Software..
1.a license file like .lic etc contains information about valid serials,activation code,installation code and subscription expiry date and software version typy like Standard,Pro,enterprize,ultimate etc.
2.The .lic also contains some functions code which is depend on version type,for example Pro version has more functions than Standard.
3.When initialising main exe is reads all info about software and software type from .lic file which is provided to customer by vender.


Problem: One leaked license file and the system is compromised, welcome to the cat and mouse game of protection,

HR,
Ghandi

[Kerlingen]

Quote:

Originally Posted by eAGLe_eYe

Yes,this is most important part,but i want some functions code in the .lic file which can be write in exe instead.Is it possible that main exe execuite code from .lic file.

The main idea is you put all code you ever need in the executable and encrypt the parts which should be only available in selected versions/editions with a secret key. Then you supply the customer with a license file, which only contains decryption keys for the parts he has a valid license for. The customers can then download updates and new versions from your homepage whenever they like and use their old license file without problems. You only need one version of you software, which you can put on a normal webserver for download and still have the best possible protection this method can offer.

Your idea is just bad, really really bad. To make it simple and short, executing code from the license file just isn't possible. It's ugly, messy, sloppy and shows everybody, that they should never buy software from you, since you haven't even understood the very basic principles of computers.

But even if you ignore that, you would get crazy maintaining your software. Every license file is valid for just one software, every customer needs his own version of the software, each update needs you to give new license files to all your customers, each new license file needs customers to update to the matching version, in multi-user environments they need to take care of which version is installed on which computer, what license file belongs to it, every computer needs his own local copy of the software, you can't run it on servers or terminal servers. Old versions don't work with new licenses, old licenses not with new versions. Upgrades need customers to install different versions.

In short: If you have 10 customers and your product offers 6 different features, you will have to compile and package 14400 individual builds of your software, for every single update you made and will ever make and always have them all accessible at all time, since you never know when and what customer would like to upgrade oder downgrade or redownload his software. Now imagine you don't have 10 customers, but 10000 customers...

And what's the result of this irremediably chaos? Absolutely nothing, since it doesn't offer any additional protection.

[ReBirth]

The best protection:
- Give customer what they need no more no less.
- Being available to fix/Update what ever they need.
just my 2 cents

[eAGLe_eYe]

Quote:

welcome to the cat and mouse game of protection.

I think crackers always wins game.

Quote:

The main idea is you put all code you ever need in the executable and encrypt the parts which should be only available in selected versions/editions with a secret key. Then you supply the customer with a license file, which only contains decryption keys for the parts he has a valid license for.

Yah,today in the market,mostly used this trick and reliable too.
No one is 100% safe and secuired for a long time.Developer is ahead and cracker walks behind it.Finally game goes to cracker site and everyone can see it day by day.

Best Regards,
eAGLe_eYe