RE: Looking for info on anti-piracy and trial-mode techniques for my app . . .
RE: Looking for info on anti-piracy and trial-mode techniques for my app . . .
- Subject: RE: Looking for info on anti-piracy and trial-mode techniques for my app . . .
- From: Jeff Laing <email@hidden>
- Date: Thu, 25 Feb 2010 03:59:25 +0000
- Acceptlanguage: en-US
- Thread-topic: Looking for info on anti-piracy and trial-mode techniques for my app . . .
> > Part of your response suggests that if there was an existing
> framework that was openly available, it wouldn't do me any good because
> the bad guys would have the source code.
>
> I disagree. If it's based on a tried and tested (and occasionally
> formally verified) crypto system, knowing the algorithm doesn't lead to
> a crack.
I think again here that the problem is conflating encryption to be the same as DRM.
Having encryption schemes in public source means that they can be analysed by the types that truly understand the math. This is "a good thing(tm)".
Having a DRM scheme in public source means that you've handed the hacker all the entry points she needs to consider to bypass your scheme. Specifically, if you rely on private-key signing, you're screwed because the hacker can analyse the open source, determine where the public key comes from, create her own key-pair, patch you to use her public key instead, then use her private key in her keygen which she distributes.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden