• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Serial number verification / obfuscation (was: Re: Hiding
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Serial number verification / obfuscation (was: Re: Hiding

  • Subject: Re: Serial number verification / obfuscation (was: Re: Hiding
  • From: Andrew Merenbach <email@hidden>
  • Date: Sun, 28 Jul 2002 10:46:41 -0700
The checksum could be obtained the first time the program is run, and would be stored in preferences.

Though I suppose we run into the same old brick wall now--anybody can edit a preferences file. So we can encode it as we write it--but then we're back to square one again, as the proficient hacker can intercept our encoding signals.

I guess there's no easy answer. As for my own programs, I'm just going the old route of putting in a "guilt" window that opens every startup until the user clicks "I Paid."

Take care,
Andrew Merenbach

On Sunday, July 28, 2002, at 09:54 AM, Charles Srstka wrote:

On Sunday, July 28, 2002, at 11:25 AM, Andrew Merenbach wrote:

On Sunday, July 28, 2002, at 04:34 AM, cocoa-dev-
email@hidden wrote:

There is actually yet another way to prevent an application from being
patched that is available in at least one big commercial application
today. Unfortunately I'm not allowed to talk about it - but it would be
interesting if someone else could think of it and bring it to this
discussion. There's a challenge for you! :)

Hmm. The only thing that springs to mind is a checksum on the program. Does that sound right?

One can, for example, tell the program to retrieve its own file size, in bytes. That can be a very simple checksum, as few programs have the same number of bytes. If a hacker/cracker patched the code, the number of bytes might change, and then the program could render itself unusable.

Considering that preferences are not stored within an application, and thus that the contents of an application are only likely to change if it is tampered with, this could be a very secure method of preventing tampering.

Um, how would you know what the application's checksum is going to be? When you hard-code the checksum into your app, the checksum will change...

And if you keep the checksum in a separate file, well, that would be extremely trivial to crack - just make a new file with the checksum of the hacked app...
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
  • Follow-Ups:
    • Re: Serial number verification / obfuscation
      • From: Andreas Monitzer <email@hidden>
References: 
 >Re: Serial number verification / obfuscation (was: Re: Hiding (From: Charles Srstka <email@hidden>)

  • Prev by Date: Re: Serial number verification / obfuscation (was: Re: Hiding
  • Next by Date: Re: Serial number verification / obfuscation (was: Re: Hiding
  • Previous by thread: Re: Serial number verification / obfuscation (was: Re: Hiding
  • Next by thread: Re: Serial number verification / obfuscation
  • Index(es):
    • Date
    • Thread