• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Serial number verification / obfuscation (was: Re: Hiding [...] symbols [...])
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Serial number verification / obfuscation (was: Re: Hiding [...] symbols [...])

  • Subject: Re: Serial number verification / obfuscation (was: Re: Hiding [...] symbols [...])
  • From: Brent Gulanowski <email@hidden>
  • Date: Sun, 28 Jul 2002 10:55:40 -0400
However, I'm seriously concerned about serial numbers in cocoa programs:
because because of Obj-C, it seems easier to crack.


What about a PKE-style system? Forgive me, I'm not very knowledgeable. I know the problem is to couch this in terms of communication between two parties. The keys would be generated at first run with seeds provided by the install time and location and some kind of code from the developer generated for that particular user, perhaps tied to a code generated by the installer. I'm thinking we may not need all four keys, since the program wants to verify the environment, not necessarily the user. And the user doesn't need to verify the program, right? Can someone who knows better improve on this?

The trick seems to be that you have to treat every application launch as a message from user to program, to prevent user from simply copying the working binary -- although I know this is not the biggest problem, it is an easy way to share software. For pro apps, it is easy to buy one copy for the office, install it on one machine, and then copy it to a disk image and distribute it that way to all machines. Users do the same thing,
using portable drives to copy already-installed binaries. Anyway should you restrict the program to the media it is installed onto, or to the machine it is run on? I'd prefer the former, as a user. A CPU is just a resource I use to run my software. Is that more difficult? I suppose one could test for some unique feature of the disk. Or the date modified of the installed copy could be used in some way, meaning that it wouldn't be possible to change where on the drive it was located without a re-install.

Brent

--
Inkubator: creating free, open source Mac games.
http://inkubator.idevgames.com - homepage
http://www.sourceforge.net/project/inkubator - project page
http://64.246.17.165/forum/forumdisplay.php?s=&forumid=17 - discussion forums
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
References: 
 >Serial number verification / obfuscation (was: Re: Hiding [...] symbols [...]) (From: Allan Odgaard <email@hidden>)

  • Prev by Date: Re: Serial number verification / obfuscation (was: Re: Hiding
  • Next by Date: Re: Asynchronous I/O using NSFileHandle
  • Previous by thread: Re: Serial number verification / obfuscation (was: Re: Hiding [...] symbols [...])
  • Next by thread: Rulers in shared text views
  • Index(es):
    • Date
    • Thread