Re: Serial number verification / obfuscation
Re: Serial number verification / obfuscation
- Subject: Re: Serial number verification / obfuscation
- From: Andreas Monitzer <email@hidden>
- Date: Sun, 28 Jul 2002 21:32:24 +0200
On Sunday, July 28, 2002, at 07:46 , Andrew Merenbach wrote:
The checksum could be obtained the first time the program is run, and
would be stored in preferences.
Though I suppose we run into the same old brick wall now--anybody can
edit a preferences file. So we can encode it as we write it--but then
we're back to square one again, as the proficient hacker can intercept
our encoding signals.
I guess there's no easy answer. As for my own programs, I'm just going
the old route of putting in a "guilt" window that opens every startup
until the user clicks "I Paid."
What about encrypting parts of the binary itself using some PGP-like
(well, reverse PGP) private key? The app can decrypt itself using a
public key into memory and run this code.
A cracker could store the memory snapshot to a file, but re-encrypting
the cracked code wouldn't work, because the private key is stored only
on the developer's machine.
He'd have to assemble the app partly from unencrypted disk data, the
hacked decryption code, and the part stored in memory only, which sounds
to me as if it would be faster to re-write the whole app.
You could even do it more complicated by storing and erasing parts of
the app depending on where the user is in the app (dialog-based for
example).
Of course, it'd be even better if you'd be using your own public/private
en/decryption algorithm.
andy
--
DigiTunnel 1.0 released, offering full PPTP-support for Mac OS X!
http://www.gracion.com/vpn/
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.