26

Re: Protection shareware programs

N> So be guided by virtual machines. I used about 10 years ago any cheap keys with  inside is not assured that correctly recalled, which, so without links)

27

Re: Protection shareware programs

P> that is the key at you  on a course of operation of the program also is then compared to the certain number sewn up in the code or even is simple with 0 or 1? No, no comparing are present. There is a result of check - there transited check mathematical regularity or did not transit. The key is read out from a file of adjustments. Then  in the binary form also it is scattered in different places in storage that performance was more difficult to trace. Then at loading one of algorithms of check is checked. For example, there zero  it should be equal to unit. If it not so, that, for example, we tell that  reodes effused. Or the user clicks the certain button fulfilling certain function. In the output agent something is checked still, for example, on divisibility on 7. If it did not turn out, then the key is cracked and executable certain action under the registration of that that was cracked and we continue program operation. As a result the user simply uses the program and does not know that the program already rejected its key. Next time as it launches it, it ceases to work. Some checks become not always so trace to catch it difficultly. Probability, for example, 1/10. Not to go mad, I simply made once a heap  type functions bool Check1 (); bool Check2 ()... bool CheckN (). Also I interpose them into different places . And already in the code all becomes simply Something we do. if (! Check2 ()) {Ur, us cracked.} We continue to fulfill the code indifferently. Key structure approximately the such: [the program Code - Month of generation of a key - the Reason for generation - Some casual bits - the Unit of bits 1 - the Unit of bits 2 - the Unit of bits 3 - the Unit of bits 4 - the Unit of bits 5 - the Unit of bits 6 - Checksum] 260-400 bits All it approximately, are encoded in base32. If it would be desirable to complicate, units of bits can be a part of any cryptographic algorithm, for example, a simple elliptic curve or . It can be checked. At me at first was El Gamal on 30 bits, then simply made check on pseudo-simplicity. Now an elliptic curve - two numbers on 120 bits or something in this spirit, any more I do not remember. The first part -  bits, and the second part is a signature for these bits. In the program it is checked, whether  the signature. The cryptography here complicates creation , but I think, it is possible not to use all it, and simply to use randomno-generated keys. Simply cryptography check it only one of checks. The pseudocode of generation of a key:   the first. for (; wink {Generim the sign-code signature for the first. We write down these two multibit numbers in a key. We check Check1 () It is checked Check2 (). We Check CheckN () if (all checks transited successfully) break; we Increase  number by unit. We will repeat now already with new  number.}

28

Re: Protection shareware programs

Hello, Carc, you wrote: a C> Hello, wantus, you wrote: W>> Hello, uuuser, you wrote: U>>> the elementary check "online" unless does not add  to support to explain to users how to disconnect this or that  an antivirus? W>> a zero of problems of this plan. It is not "not enough", namely "zero". Cs> Really do not swear users? No, do not swear. With all these telemeterings the people already got used. As if the button is called to "Activate", as though and to a hedgehog it is clear that the program gets into the Internet. For offline and locked down cases there is an alternate mode which shows activation URL and allows to open it in the browser.

29

Re: Protection shareware programs

R> In the code simply a little IF I Will add a little the experience for those who dares to do the check of keys that on came across the same rake, as I once. == If it would not be desirable, that made  we Use  cryptography with opened and closed . Your key should be long enough that its cracker simply did not find . Therefore the length crypto-keys should not be short. For an example, my the first elGamal  is less than for half an hour even on old Pentiums. == it is impossible to make , but now spread working keys Everything, your super-puper  keys it appeared useless, after all the laid out key bypasses checks. Who thinks that it is an output - is not present, now will enough crack in one place key check in the program and it is possible to spread cracked  plus this key. The elementary breaking. == some users enter keys manually, typing digits behind digit. Some numbers are similar: O and 0, 1 and l. As a result after input the key is not accepted. Use the alphabet base32 or etc. and delete all counterparts.  an error of the user, accepting both variants. == erase leading gaps and gaps in the end of a data entry field. It seems that nonsense, but here it to me at dawn  killed more year of trials with users for whom keys did not work. Simply they copied a key from the letter and casually captured gaps. I by naivety checked checksum, including these gaps. == if at you it is some programs and one uniform method of check of keys if the user enters a key from one program into another by mistake the program will think that a key cracked. At me such problems were, when I did the new version and users entered an old key. As a result of worked nothing.  it is easy, in a key there should be a code of the version of the program, unique for the version and a product. == send a key in technical support. It is necessary to learn program version number. It was necessary to check a key on a heap . The decision idle time - the key should contain some characters of the code of the program that, looking at it eyes, it was visible, for what version. == It would be desirable the strange algorithm of check of a key. It is thought that the cracker cannot recover algorithm. A hogwash, cut the whole piece of storage from the program and interpose into the , at me so was at dawn . My sophisticated  algorithm simply cut as a binary part .  even was to try to discover the necessary parts - directly enormous piece of storage cut off. == made super-puper  a key, etc. I Congratulate, now at you appear to purchase on  to a credit card, etc. That better - think. == made super-puper difficult check of keys that itself hardly-understand as it works. All to nothing, the cracker simply makes an eternal trial, cracking IF (trial) and your super-puper check it will be never simple to be checked. IF (trial) - the most delicious place in all checks. Instead of super check think as is better to hide check on . == That did not crack for five seconds, do not check a key right after registration dialogue. The cracker simply delivers , fills data entry fields and starts to trace, yet does not find . The decision idle time - right after input of a key by the user save it a disk and quit the program. Check should work and not right after program loads. The same reason - the cracker launches the tracer and reaches a place of reversal to a key in storage. Do the postponed checks. For simple users make simple check, it is enough to check up checksum and tell it that a key correct, thanks. Well and already meticulously check a key then. Let it can occupy and some days and hundreds business hours of the program. Will irritate very much cheapskates when suddenly the program ceased to work on the most interesting place though before week worked. The cracker cannot find such places, without tracing and without understanding meticulously with that that becomes with  in the program after it was considered by the program. To deliver  easier, than to read tons of the assembly code. == do not check keys one simple method. The cracker delivers  on a call  functions of obtaining of current time, etc. to It it will be easy to find a place of check of a key. That such was not, use alternative methods of obtaining of time. == hid a registration sign in the register, hiding among system registry keys It is congratulated. The cracker easily finds this place and instead of breaking will enough make.reg a file. The same if to write down a sign in a confidential file. Any confidential places. All should be checked in program bowels. It is the most difficult part what without  it is difficult to reach. == wrote down a sign of that the program is cracked. We congratulate. On this label also it will be easy to find a place of check and it to remove from . If very much it would be desirable to write down something use a steganography. The most simple method is to hide the necessary sign in the form of a superfluous gap or otherwise the written down normal key of adjustment, for example, it is possible to write window coordinates as X = Y = and it is possible as WindowX = WindowY =. The first case at  a key, and the second is a sign of that that a key . The cracker goes mad to understand that it means. == made super-puper check of keys. It seems that the cracker goes mad. But actually in any check there is a thin place. And this thin place will be mandatory to crack than potter with your algorithms easier. For example, to make an eternal trial, removing one IF. For these purposes such checks should be hidden on the code or to cipher. == Found that the key is cracked and inform at once it is to the user Well and in vain.  and your check is easily visible to the cracker. Do the postponed actions. At least on the timer or writing down somewhere a sign that the program is cracked. Check in other place. == made super-puper check of keys and we rub hands. Test carefully! At me of 50 % of all bugs of programs for all history  have been connected with  operation of checks of keys. Normally it is the most difficult and  the part of the code of the program and failure in it can lead to fatal consequences at legal users. The user generally should know nothing about that that in program bowels permanently something checks a key. An example of such bug - I had one check launched in 20 days after setting of the program. There transited 20 days and the program . In  a mode all worked remarkably. But here at the registered the hell began.

30

Re: Protection shareware programs

Hello, Kerk, you wrote: K> Hello, Roman Vasin, you wrote: W>>> and qualified reversers will not waste time on breaking  a software. RV>> Since to whom that laziness 300$ and more for  a software to pay - he to pay such  100$ and both will be glad. K> what percent of your buyers so easily can find qualified ? The percent did not measure. But, this percent of buyers - at desire - can find. For example I under links quitted on one forum - where "buyer" allocated the order for my program. Truth of the executor it did not find. Though there were also successful examples (earlier) when buyers found executors and they did the operation.

31

Re: Protection shareware programs

V>>> At us New Year's discounts the Author now operate: drVan Date: 20.12 09:27 and I do not know 350$ for VMProtect Ultimate it for you also expensively or already was not present. N>> And it only on one platform or on all? V> we begin that the version under any platform supports all dial-up  (for example the version under Windows the Author is able to protect  from OSX and Linux, and in the near future also.NET: drVan Date: 29.12 21:05, and on the contrary). Thanks. It is the helpful information. And online activation/ban at you seems too is?

32

Re: Protection shareware programs

Hello, nen777w, you wrote: N> Thanks. It is the helpful information. And online activation/ban at you seems too is? For activation online the activation server in addition is required. Switching-on of the codes of activation / finite licenses in  is in most WebLM. At an output of the new version it is possible to export all blocked licenses from WebLM in VMP a file and to use this file as licensing parameters.

33

Re: Protection shareware programs

Hello, Poseidon, you wrote: P> Hello, for a long time did not write here) Since Armadillo v2. And what use now? About VMProtect . Can eat that more cheaply? Well not each user gets to break the program to whom it is necessary. And Armadillo suited Me, but after the such... Or all the same to remain on it? That  advise. I use Enigma Protector, there are protection both Win32 and Win64 versions, complaints to false actuating of antiviruses like few. The generator of a key I wrote the, to me it was easier than to understand with indirect generators.

34

Re: Protection shareware programs

Hello, rean, you wrote: R> Next time as it launches it, R> it ceases to work. With  you certainly subtilized. Even  probably. But all it can appear nonsense if in  suddenly there will be a nonsense of type If ("is cracked") Goto " a mode" So much more interesting as you implemented it

35

Re: Protection shareware programs

Hello, Poseidon, you wrote: P> and Armadillo suited Me, but after the such... And what there was that?

36

Re: Protection shareware programs

Hello, byterus, you wrote: B> Hello, Poseidon, you wrote: P>> and Armadillo suited Me, but after the such... B> And what there was that? https://xakep.ru/2003/08/07/19425/https … st/199356/

37

Re: Protection shareware programs

Hello, Poseidon, you wrote: P> https://xakep.ru/2003/08/07/19425/P> https://habrahabr.ru/post/199356/Thanks, calmed, thought something serious happens

38

Re: Protection shareware programs

Hello, byterus, you wrote: B> Hello, Poseidon, you wrote: P>> https://xakep.ru/2003/08/07/19425/P>> https://habrahabr.ru/post/199356/B> Thanks, calmed, thought something serious happens on idea after that it would be logical to make the new, protected version. Such that  it was sowed by number not 32 bits, and it is admissible 1024. Not? And to lay out it it is free for users of earlier versions. But why that it does not happen, and itself Chad Nelson where that merged?

39

Re: Protection shareware programs

Hello, Poseidon, you wrote: P> Hello, for a long time did not write here) Since Armadillo v2. And what use now? About VMProtect . Can eat that more cheaply? Well not each user gets to break the program to whom it is necessary. And Armadillo suited Me, but after the such... Or all the same to remain on it? That  advise. I use the protective mechanism. Advantages: - to anybody of nothing to crying - I know, as as in it it is arranged - protection not "", and built in - for the potential hacker breaking costs dearer, than popular "" protection. - more than a year in an Internet is not present  a software, only  a copy, but it is not terrible  the clever user such will not use (catches viruses and an advertizing software), and I on the side see how many at me  copies and in case of need I can affect it Lacks: - the most important antiviruses long held my software on a sight. Not less half a year, it is more. After releases it was necessary to submit often requests false positive. at once answered that you use non-standard  the code because of it problems. Later 6-9 months ceased, probably antiviruses added my software in the bases. I longest wrote to Kaspersky and submitted requests most, but also it surrendered. Now  ache some time  Baudi and . Problem residual Slightly affects. There are users write that the antivirus gives  on the new version, but under tests virustotal.com all is pure. But it is rare and, probably, itself resolves with update of anti-virus bases. If the developer can independently master key protection so that crackers could not derive algorithm of a key I advise such way. Definitely in it there are more than advantages.

40

Re: Protection shareware programs

Hello, Poseidon, you wrote: P> But why that it does not happen, and itself Chad Nelson where that merged? There all was where easier. Digital River bought Armadillo in hope completely to envelop the market of preparation and sale of software solutions. So to say on all fronts. Probably, traditionally for such approach, auxiliary employees (experts in marketing, UI designers and so on) have been engaged many. But  year - it appeared that protection is a dedicated product which does not have ten (or hundreds) sales in day. And loading on technical support is high also its growth directly depends on number of clients. Moreover questions demand from experts in a support of profound knowledge of all main programming languages (especially the assembler for the problem analysis) that is very expensive to the company. Here a product also decided to close.