Re: Securely limit the running an application by serial number
Re: Securely limit the running an application by serial number
- Subject: Re: Securely limit the running an application by serial number
- From: Peter Mulholland <email@hidden>
- Date: Fri, 3 Jul 2009 23:48:14 +0100
Hello Ammar,
Friday, July 3, 2009, 8:49:32 PM, you wrote:
> I want my application to run on specific computers that are licensed to use
> the software. This is for limited use, and isn't a product for the masses.
> I've realized that you can limit the software to run on specific computers
> by limiting using the serial number of the machine. how secure is it? can
> someone crack the software by avoiding the "if statement" that does the
> check? How can I secure my checks.
First thing - Apple and their devout followers will tell you "don't do that" when it comes to ANY protection. Ironic since as they have DSMOS and PT_DENY_ATTACH on iTunes etc.
Second, to make it really effective, you have to get hardcore. I've just written a system for the company I work for that actually encrypts the whole executable, and only decrypts it at run time with the right licence file (keyed to the user's system serial) in place. This meant writing a "stub" program and a tool to parse a Mach-O and encrypt it suitably. Expect to have to get friendly with BSD API's, syscalls, and assembly language.
You have a lot of ground to cover to make any checks etc hidden. IOKit is the only way to get the system serial, and it's easy to spot in the Mach-o load commands and symbol table - as soon as a cracker spots it, they can say "aha", and at best, forge the answer to a known good system serial. Opening it dynamically with dlopen() and looking up symbols helps - especially if you rot13 or xor the symbol name strings.
If you go my route, you've also got to think about other things, such as process dumping. Once the code's decrypted you can easily do something like enable coredumps, then send a SIGABRT and grab the decrypted app (Mach-O header and all) out of the core dump. You then two routes 1) thwart the dumping 2) make it so that the app can detect if it was dumped, and break.
Of course, I have ways and means, but I won't give away my secrets ;) I'm also under no illusions - it'll be cracked, but you have to try and protect your stuff. Simply saying "why bother they will crack it anyway" gets your stuff spread on day 0, instead of a few weeks or a month later
--
Best regards,
Peter mailto:email@hidden
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden