Re: Serial number verification / obfuscation (was: Re: Hiding
Re: Serial number verification / obfuscation (was: Re: Hiding
- Subject: Re: Serial number verification / obfuscation (was: Re: Hiding
- From: Charles Srstka <email@hidden>
- Date: Sun, 28 Jul 2002 11:54:35 -0500
On Sunday, July 28, 2002, at 11:25 AM, Andrew Merenbach wrote:
On Sunday, July 28, 2002, at 04:34 AM, cocoa-dev-
email@hidden wrote:
There is actually yet another way to prevent an application from being
patched that is available in at least one big commercial application
today. Unfortunately I'm not allowed to talk about it - but it would be
interesting if someone else could think of it and bring it to this
discussion. There's a challenge for you! :)
Hmm. The only thing that springs to mind is a checksum on the
program. Does that sound right?
One can, for example, tell the program to retrieve its own file size,
in bytes. That can be a very simple checksum, as few programs have the
same number of bytes. If a hacker/cracker patched the code, the number
of bytes might change, and then the program could render itself
unusable.
Considering that preferences are not stored within an application, and
thus that the contents of an application are only likely to change if
it is tampered with, this could be a very secure method of preventing
tampering.
Um, how would you know what the application's checksum is going to be?
When you hard-code the checksum into your app, the checksum will
change...
And if you keep the checksum in a separate file, well, that would be
extremely trivial to crack - just make a new file with the checksum of
the hacked app...
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.