Re: Serial number verification / obfuscation (was: Re: Hiding [...] symbols [...])
Re: Serial number verification / obfuscation (was: Re: Hiding [...] symbols [...])
- Subject: Re: Serial number verification / obfuscation (was: Re: Hiding [...] symbols [...])
- From: Pierre-Olivier Latour <email@hidden>
- Date: Sun, 28 Jul 2002 03:00:39 +0200
Here are some tips I know from my little experience:
1) remove all possible debugging symbols
2) inline all your sn verification code
3) check the sn in various places of the code
4) if possible, use variations in the verification code used in the
different locations, so that the cracker is not able to find all of them by
a simple search in the assembly code
5) check if you're being hacked: time the execution of your serial
verification routine. If it's abnormally high (like more than a quarter of
second), assume somebody's stopped the execution of the program and is
looking at the assembly code.
6) displaying an error message if the sn check fails in one of the
verification places might not be the best thing to do! The cracker will
immediately know there's a verification here. You might simply turn a global
flag ON, which will be checked later in the code (like at the beginning of
the next event loop), or even better, do not display any message at all, but
alter the behavior of your program (sudden bugs in the UI, weird results,
etc...)
All these little tricks seriously complicates cracker's life ;)
_____________________________________________________________
Pierre-Olivier Latour email@hidden
Lausanne, Switzerland
http://www.pol-online.net
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.