 |
JLRodgers
Level: Moderator
Registered: 04-04-2002
Posts: 1664
|
Re: Preventinng CD Copy
If you mean to write it on the CD, the CD couldn't be closed (it'd have to be multisesson), and then it could still be copied. If it were re-writable, you could overwrite info, but it'd still be hackable.
Not to mention that people that distribute software on CD can go through companies that make a glass master (I think that's what it's called) and make the CD that way, which would be impossible to write to.
____________________________
Everywhere's Local (classifieds, job postings, & more for everycity in the world - user entered)
|
|
29-05-2003 at 06:11 AM |
|
|
JLRodgers
Level: Moderator
Registered: 04-04-2002
Posts: 1664
|
Re: Preventinng CD Copy
Both methods would be hackable:
CDR - multisession, copy 1 session and it's cracked
CDRW - copy CD to CDR before install, potentially cracked, note changes, cracked
____________________________
Everywhere's Local (classifieds, job postings, & more for everycity in the world - user entered)
|
|
30-05-2003 at 03:20 AM |
|
|
vbgen
Level: Moderator
Registered: 10-10-2002
Posts: 876
|
Re: Preventinng CD Copy
there still are some honest people out there who do not support piracy...
...but the truth is, the amount isn't significant. 
=======================================
i guess there also are some people who aren't aware of these hacks and cracks...
...which is also quite an insignificant number too. 
=======================================
BUT! until the hardware technology comes around and becomes full-proof...
I seriously would consider doing things the irritating way.
create a program that YOU as the programmer CAN customize according to the buyer's hardware.. then compile and deliver. it's a one to one basis, and the program will only run on the pc the installed it in... and only the pc(hardware-wise) it was installed in...
changing of any important part of hardware included in the software would force a re-purchase of the product.
this irritates the consumers, ESPECIALLY when you mention that you are doing this for your software's protection.
hackers are either challenged, or disinterested.
i have not seen hardware being pirated... naturally, installers come along with them, so copying it(hardware installers) isn't a problem, and there's no reason to pirate it, if you don't have the hardware at all.
what do you guys think? i think it sucks, but for now, it might just work. and perhaps, the insignificant people i mentioned earlier may just be the significant ones for software carrying this method of protection.
ait? 
____________________________
Been busy trying to take a second degree <--it's not working out...
|
|
30-05-2003 at 03:39 PM |
|
|
~Bean~
Level: VB Guru
Registered: 07-04-2003
Posts: 488
|
Re: Preventinng CD Copy
quote:
there still are some honest people out there who do not support piracy...
There are?? Where??
lol
I have been scouring the net looking at sellers of dongles...it seems that even these little gems have their share of difficulties, things like users having trouble printing/zipping while using a parallel dongle, that some dongles do not work when used with other dongles, and that some can be hacked (depending on their design/architecture). However, it seems that the USB dongles solve most of these problems. As for making your own dongle, let me know when you can decipher this and I'll help ya'...
http://www.ele.tut.fi/~viikari/avrdmx1.jpg
I signed up for several developer evaluations (the ones that were free) so I will post back if anything is interesting or useful. This site, although not the absolute cheapest, does have a Evaluation that includes the 1 (or 2) dongles and their software (driver/utility) for EURO 30 (EURO 45 for 2).
http://www.matrixlock.de/english/index.htm
Generally, I have found that pricing is completely dependant on how many dongles your order would be. Price per range from $15 for the cheapy model to about $50 for the expensive ones. I also came across some net solutions that consist of controls that you include in your project where your program looks to the net each time it is run or installed - these also range in price, and can cost substanitally more if you want the source code. And some dongles can be duplicated (not necessarily hacked, but their design has been copied and being sold under generic name) and some of their software API's or Utilities worry me as possibly being un-secure depending on how they are implemented by the developer.
AND then I found that there are companies like these  out there that specialize in legal copying (cracking) of dongles...
http://www.endlessvisions.net/Contact.html
http://www.donglefree.com/
so even hardware security cracks are possible - but weigh the difficulty of doing this crack of your hardware, and your software security, against someone actually making that effort to do so...probably ain't gonna happen...
and along the way I came across some helpful info on what we as developers are up against...below is a list of existing cracks/tools/utilities that can be used to hack.
~Beans~ FYI Du Jour - Develope Some Security
TheForce
This tool enables disabled buttons in an application. It does this by hooking the EnableWindow API calls.
Mitigation: Programming technique - You need to make sure that you have included measures to catch calls to disabled buttons that still get through.
TheSniper
This tool allows you to selectively enable buttons and menu items. There is even a macro mode! Select the type of window you want to change, drag the cross-hairs onto the object, select the type of operation and then press "Take out window" to activate.
Mitigation: Programming technique - You need to make sure that you have included measures to catch calls to disabled buttons that still get through.
WinSteal
This tool allows you to selectively enable buttons and menu items. There is even a macro mode! Just drag the eye at the bottom left of the main window onto the target and play with the properties of the window elements.
Mitigation: Programming technique - You need to make sure that you have included measures to catch calls to disabled buttons that still get through.
Enforcer
Another quick and easy method to enable disabled windows and components.
Mitigation: Programming technique - You need to make sure that you have included measures to catch calls to disabled buttons that still get through.
Revelation
This was the original program that we found for stealing passwords. Drag the cross-hairs onto the edit field that you want to see the password for and lo and behold, there it is!
Mitigation: Programming technique - Don't display passwords using the "Password character" property. If you have to show a password field, store the real value internally and place "*"s in the edit field.
TheSteal
This is a original program for stealing passwords. Drag the cross-hairs onto the edit field that you want to see the password for and lo and behold, there it is! Includes the source.
Mitigation: Programming technique - Don't display passwords using the "Password character" property. If you have to show a password field, store the real value internally and place "*"s in the edit field.
TheTimeCrack
This program is really bad news for most protection schemes! TimeCracker allows you to set the time for an individual program by calling the program through a loader that sets the date before the normal processing starts. This is death for 99% of protection schemes!
Mitigation: Do not rely on the PC clock! Access an Internet time server.
TheDateKill
This program is a clever way of getting around time based protection. You start the target program via a link that invokes DKill as a loader. The clock is then set back for a few seconds. After this initial time out period, the clock is reset to the correct date and DKill exits. Very clever!
Mitigation: Do not rely on the PC clock!
RegMon
This tool lets you see in real time what is happening in the Windows registry. You can set filters to close in on the program you want to trace, and look at the log file in your own time.
Mitigation: Don't try to "hide" information on the PC. It is useless.
FileMon
This tool lets you see in real time what is happening in the Windows file system. You can set filters to close in on the program you want to trace, and look at the log file in your own time.
Mitigation: Do not try to "hide" information on the PC, as it is a waste of time.
VXDMon
This tool lets you see in real time what is happening in the Windows VXD system. You can set filters to close in on the program you want to trace, and look at the log file in your own time.
Mitigation: Do not try to "hide" information on the PC, as it is a waste of time.
Advanced Registry Tracker
This tool lets you take a snap shot of the windows registry before and after an installaation. You can set filters to close in on the program you want to trace, and look at the log file in your own time.
Mitigation: Do not try to "hide" information on the PC, as it is a waste of time.
DFM Viewer
This tool lets you look into a Delphi executable and view the properties of the components in the forms of the executable. This is possible because of the way that Delphi creates dynamic links between the objects at run time.
Mitigation: Do not store protection information in properties on forms.
AND lastly I found this site and will be perusing its pages for some time looking for more help...feel free to browse with me...
ANTI-CRACK (no drug pun or butt references plz)
http://www.zerosecurity.de/
[Edited by ~Bean~ on 30-05-2003 at 03:23 PM GMT]
____________________________
Eggheads unite! You have nothing to lose but your yolks.
|
|
30-05-2003 at 08:13 PM |
|
|
JLRodgers
Level: Moderator
Registered: 04-04-2002
Posts: 1664
|
Re: Preventinng CD Copy
As a weird ironic twist, even the items that are used to crack software have legitimate uses! Or perhaps even more ironic are the cracking programs that have registrations (and other programs designed to crack the cracking program).
____________________________
Everywhere's Local (classifieds, job postings, & more for everycity in the world - user entered)
|
|
30-05-2003 at 09:05 PM |
|
|
millerdraft
Level: Scholar
Registered: 01-02-2003
Posts: 41
|
Re: Preventinng CD Copy
The bad thing about the intire thing is that there is always someone out there that will be able to crack any way that is tried. Look at the activation code in XP. I think it was within a week or less there was already a crack for that. It is those people that should be trying to solve this issue. But IMO I think that it is just a never ending battle. I am glad to see that people are still trying to come up with ways to prevent it.
Well that is just my opinion.
Ted
____________________________
Ted Moe
I wish I was real good at this stuff!
|
|
10-06-2003 at 02:39 AM |
|
|
~Bean~
Level: VB Guru
Registered: 07-04-2003
Posts: 488
|
Re: Preventinng CD Copy
quote:
i am strongly believe that all software should be GNU'ish, or i am an idiot
My vote is for the latter...
So you're asking how something FREE can compete with something NOT FREE? Well, your Linux O/S may run fine for your needs, but would it for EVERYONE? What application software is it compatible with it (linux)? Because of my clientele, I need to use MS Office apps, VB, .NET framework, Crystal, C# (just learning), Macromedia apps, etc., etc., and not to mention the 100 or so games that I play for those work-breaks  , and a few custom DOS and Win32 apps.
Bascially, until the entire world stops using Microsoft products, there will still be demand for compatible solutions...not to mention, this is intellectul material we're creating, and any unique or valued idea will be saleable, whether it be in compiled EXE form or sold as source code...at least in my case, I live in a competitive free market economy..........................
____________________________
Eggheads unite! You have nothing to lose but your yolks.
|
|
10-06-2003 at 01:25 PM |
|
|
vbgen
Level: Moderator
Registered: 10-10-2002
Posts: 876
|
Re: Preventinng CD Copy
well, it is a good idea...
hard to implement, just like most of the ideas here...
and steve's point on the info from the company is quite tough to reach...
and the dynamic ip's will be sort of a problem as well.
____________________________
Been busy trying to take a second degree <--it's not working out...
|
|
13-08-2003 at 06:29 PM |
|
|
|
|
 |
|
or just write "install" in a string 
No 
?
) of VB/VC to crack a code.
haha! what an advise.. 
Good bye software, I enjoyed selling you at first. 
