Re: Serial number verification / obfuscation (was: Re: Hiding
Re: Serial number verification / obfuscation (was: Re: Hiding
- Subject: Re: Serial number verification / obfuscation (was: Re: Hiding
- From: Philip George <email@hidden>
- Date: Sun, 28 Jul 2002 12:11:51 -0500
*This message was transferred with a trial version of CommuniGate(tm) Pro*
It is not. For anyone who can patch the original serial number check it
is quite easy to patch the other one (which checks the length, or
checksum, or MD5 hash, or just whatever) too.
You can devise more and more devillish schemes like placing a big
number of such checks into different places in code to be performed
randomly, perhaps with quite a low probability (so that there's a good
chance that cracker's testing won't hit them, whilst using a cracked
version, sooner or later, would), and that's just a beginning of the
way...
Don't waste time though: the cracker's time is always cheaper than
yours, and -- triple alas -- often the sob is even smarter. The scheme
of the previous paragraph would be overcome by automated testing. As
soon as you devise something to prevent it (say, first idea: checking
the clock to know whether the last 10000 of usages happened to be in
last hour), the cracker would change the clock. And so on, and so forth.
I think several of us are really getting a lot of good ideas out of this
discussion. Yes, in many respects the odds are in the cracker's favor,
but bouncing around ideas can only help on the software developer's
side. Let's let this conversation take its natural course, please.
- Philip
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.