PureBasic Forums - English

Restored from previous forum. Originally posted by PB.

> Yes i found that too so i removed my previous post.. to write a new
> one, but you managed to quote me anyway and it wasn't up that long,
> crap you're fast

I don't know for 100% sure if it's his app, but I removed the link to
the crack search from my post just in case... it was inappropriate of
me to post it, even though it was just a standard web search.


PB - Registered PureBasic Coder

Restored from previous forum. Originally posted by ricardo.

No, my app is a cdburner (not coded in PB) and im partner with CNET to sell it.
Im not trying to convince anyone, im just giving my opinion based on my own experience.

In fact i want to talk about CNET and give some of my impressions:

Having CNET as a partner gives you a LOT of good things but takes a HUGE percent (40% of you sales are for CNET).
Of course they give you highlights and make your software well known, not just for appearing there (and ZDNET and MSN), but because your software will appear almost on every software site.

One trouble could be the bandwith (last month i pay $190 US only in bandwith for 85 GB in downloads.), CNET dot host files, then you need to pay somewhere to host your file and expect a huge bandwith not only from CNET, but from ZDNET, MSN and all the small shareware/feeware sites that take cnet's list.

Another thing is that your software appears in almost every CD maganize in the hole world, mines have beed in egipt, israel, germany, holand, usa, italy, etc, etc, etc, etc. But no much sales from that, most comes from zdnet and cnet, google and msn.

Im agree with Paul's point of view, i have tested different ways to give a trial (30 days, 30 uses, etc) and i found that in my case giving session limited (30 sessions) with full features is the best choice.

For selling im using ShareIt, RegNow and SwReg.

I hope that we can exchange different experiences, im very interested in exchanging info because in this business every info are always welcome, because some times a little tip makes the difference.

*About Cracks:
Some of my users tell me that they have search for cracks and when they notice that there is no crack available they pay me : )

But i dont want to be a blind guy that only believes on my own experience, maybe a good thing could be to work togheter here to find better choices to protect our work.
I will develop a small PB example and i hope that some one here can crack it and show me what was my 'errors' or better way to difficult the cracking. Lol.



Best Regards

Ricardo

Dont cry for me Argentina...

Restored from previous forum. Originally posted by cor.

Thanks everyone for the responses.

Let me explain what I think:

In Holland ( The Netherlands ) most users don't buy software, they search for a crack, if they can't find it they don't buy.

I think this is the case in other European countries. ( I can see where people buy from the orders.

The most where I get paid from are the US and releated countries.
They seemed to be the onest ones (in my experience) so there is my market. ( I hate to say it but it's not in my homecountry the Nehterlands)

Approx. 0,01 % of my downloads generate orders.
Tips are welcome to raise this

I once had a full working version, nobody did buy it.
No I have a full working trial version, which can be used for 10 sessions. ( This seems to work ). I often change my exe with same version and build number, so when there is a crack for let's say version 4.0, It only works for a short period of downloads.

I don't have the illusion, that it's crack proof.(nothing is)
Just making it a little harder for the "normal user" to get a crack is the least what I can do.

Also put a fake Register form (with fake routines) works.
Search for forums and you see people asking for the number.

I only send the full version per mail (not entering a key in the trial version)

This is only my experience.


Using Windows 98 SE
Registered PB version : 3.30 (Windows)
--------------------------
C. de Visser
Author of Super Guitar Chord Finder
http://www.ready4music.com

Restored from previous forum. Originally posted by Paul.

Hi Cor,

Here is a small tip for you:
When doing a time trial on your software, it's ok to have a splash screen telling the user that it is a time trial and they need to send money if they like it... but don't count them down saying 10 tries left, 9 tries left, etc.

This alerts the user that you are keeping track of the usage somewhere and of course the first place they will check is the registry. It only takes about 30 seconds to see which keys you are using. Then another 30 seconds to make a launcher that puts the old key info back each time, just before your app is started.


----------
Visit the PB Resources Site at http://www.reelmediaproductions.com/pb

Restored from previous forum. Originally posted by cor.

How does armadillo the time limited protection, they also got to write it somewhere?

Using Windows 98 SE
Registered PB version : 3.30 (Windows)
--------------------------
C. de Visser
Author of Super Guitar Chord Finder
http://www.ready4music.com

Restored from previous forum. Originally posted by tinman.

Just to share something I saw in the Amiga market recently.....

Because it is so small, a lot of the remaining users moan on about piracy and how they are against it. However, a new-ish piece of hardware (a PCI busboard) allowed you to use Voodoo3 cards - you got the drivers but had to register the system software which was uncrippled shareware.

The guys who wrote it got very little reward, far less than people who were using it and the drivers. This was for 3 main reasons:

1) The mthods of payment were very awkward (cash or cheque by post - cheque only in Germany).
2) The software was uncrippled
3) The users were either too lazy to go to the hassle of posting some money, or claimed that it was "too risky" even though no-one to my recollection had said their money went missing.

It seems you need to give users an incentive to buy it and not trouble them in the process.


--
It's not minimalist - I'm increasing efficiency by reducing input effort.
(Win98first ed. + SP1, PB3.30)

Restored from previous forum. Originally posted by Danilo.

ricardo:
why dont you say the name of your app if it is soo secure ??
just wondering...

cya,
...Danilo

(registered PureBasic user)

Restored from previous forum. Originally posted by ricardo.

The most where I get paid from are the US and releated countries.
They seemed to be the onest ones (in my experience) so there is my market. ( I hate to say it but it's not in my homecountry the Nehterlands)

Agree with the US, maybe not the honest ones but they uses a lot to buy from mail in the past years and then they are very comfortable using the credit card.

Approx. 0,01 % of my downloads generate orders.
Tips are welcome to raise this

Tip: Raise the number of downloads, for popular applications maybe 0.01% or 0.05% are not bad (a lot of free downloaders out there!), then the name of the game is GET HIGH TRAFFIC AND HIGH NUMBER OF DAILY DOWNLOADS.

I don't have the illusion, that it's crack proof.(nothing is)
Just making it a little harder for the "normal user" to get a crack is the least what I can do.

Thats exactly my point, and if you do get it really hard it will be not often to appear a crack.

I only send the full version per mail (not entering a key in the trial version)

How to avoid that some guy distribute your full version?

How does armadillo the time limited protection, they also got to write it somewhere?

Just write it in a way that its not easy to understand.
I think that this is the trick, doing things in some way that its not easy to understand to a cracker.

If you take a look at the crack pages the most common way to crack is just distribute a user name with the key of that matches with this user name.

But imagin that you software installed on PC1 with the user name 'ricardo' gives a key: 23998560-0981278654-98345621
but if you install in in PC2 with the same user name 'ricardo' gives the key: 643789021-8652314210-98546320 and in the PC3 different one, etc.

The cracker is lazy, he will forget your software, because it will be very difficult to find how you get the key.
Its not IMPOSSIBLE to crack it, but as you make it harder AND PC DEPENDENT you will avoid the risk of the common way to distribute the executable itself or the pair: username/key.

why dont you say the name of your app if it is soo secure ??
just wondering...

Because its not a personal issue, im not trying to demostrate or sell something,this is not a competition, we are just talking and exchanging experiences and i want to keep it in this way.
Im not the inventor of the hot water, just saying that my experience shows that keeping difficult is the best option : )





Best Regards

Ricardo

Dont cry for me Argentina...

Restored from previous forum. Originally posted by cor.

Originally posted by cor

Thanks everyone for the responses.

Let me explain what I think:

In Holland ( The Netherlands ) most users don't buy software, they search for a crack, if they can't find it they don't buy.

I think this is the case in other European countries. ( I can see where people buy from the orders.

The most where I get paid from are the US and releated countries.
They seemed to be the honest ones (in my experience) so there is my market. ( I hate to say it but it's not in my homecountry the Nehterlands)

Approx. 0,01 % of my downloads generate orders.
Tips are welcome to raise this

I once had a full working version, nobody did buy it.
No I have a full working trial version, which can be used for 10 sessions. ( This seems to work ). I often change my exe with same version and build number, so when there is a crack for let's say version 4.0, It only works for a short period of downloads.

I don't have the illusion, that it's crack proof.(nothing is)
Just making it a little harder for the "normal user" to get a crack is the least what I can do.

Also put a fake Register form (with fake routines) works.
Search for forums and you see people asking for the number.

I only send the full version per mail (not entering a key in the trial version)

This is only my experience.


Using Windows 98 SE
Registered PB version : 3.30 (Windows)
--------------------------
C. de Visser
Author of Super Guitar Chord Finder
http://www.ready4music.com

Using Windows 98 SE
Registered PB version : 3.30 (Windows)
--------------------------
C. de Visser
Author of Super Guitar Chord Finder
http://www.ready4music.com

Restored from previous forum. Originally posted by fred.

Originally posted by ricardo
But imagin that you software installed on PC1 with the user name 'ricardo' gives a key: 23998560-0981278654-98345621
but if you install in in PC2 with the same user name 'ricardo' gives the key: 643789021-8652314210-98546320 and in the PC3 different one, etc.

The cracker is lazy, he will forget your software, because it will be very difficult to find how you get the key.
Its not IMPOSSIBLE to crack it, but as you make it harder AND PC DEPENDENT you will avoid the risk of the common way to distribute the executable itself or the pair: username/key.

You can crack it in 3 steps:

- Disasm the program
- Locate the check routine (should be easy, especially as you need HardDisk serial number which requiers a special Win32 function)
- Remove the return always TRUE at the check routine instead of a variable.

Et voila, it works everywhere. Even no valid keys are working .

Fred - AlphaSND

Restored from previous forum. Originally posted by blueb.

I agree with Fred and Cor.

The very best way to protect against hackers is to make 2 versions.
- demo version with some features omitted.
(they can't crack what is not there)
- send the full version to a registered user.

Put in some anti-hacker code in the registered version just to keep out the casual thief, but don't get carried away. If they really want in, they will find a way.

Regards,
--blueb

Restored from previous forum. Originally posted by Rings.

- demo version with some features omitted.
(they can't crack what is not there)

i agree.And best use the CompilerIF - ComilerendIF in PureBasic to compile or not compile Registered - Functions.

Its a long way to the top if you wanna .....CodeGuru

Restored from previous forum. Originally posted by ricardo.

You can crack it in 3 steps
- Disasm the program
- Locate the check routine (should be easy, especially as you need HardDisk serial number which requiers a special Win32 function)
- Remove the return always TRUE at the check routine instead of a variable.
Et voila, it works everywhere. Even no valid keys are working .

Nop. Its not THAT easy. I know it can be done, but its not as easy as it appears once that you know that the serial uses the HD serial.

1.- If you DONT KNOW that the key uses the HD serial it wont be that easy. Now you KNOW it and thats why it seems so easy (every problem looked from the solution sounds easy!).
In fact you can use a combination of different informations, not only the HD serial and it will make it more difficult.
2.- If you dont put all the routine togheter and dont run it at the same time and make it complicated, it wont be so easy.

Of course, any one could believe whay they want. But in my case it works and that is the important thing for me : )




Best Regards

Ricardo

Dont cry for me Argentina...

Restored from previous forum. Originally posted by ricardo.

Originally posted by Rings

- demo version with some features omitted.
(they can't crack what is not there)

i agree.And best use the CompilerIF - ComilerendIF in PureBasic to compile or not compile Registered - Functions.

Its a long way to the top if you wanna .....CodeGuru

But what if ONE user distribute the fully functional copy?
Its very common!!!

If we get so dramatics we can conclude that there is no way to protect your work, but not every user is a cracker and the key must protect you work to the average user.

I think that a PC dependent key works great for normal users and stopps the users to give copies to his friends and co-workers.



Best Regards

Ricardo

Dont cry for me Argentina...

Restored from previous forum. Originally posted by PB.

> If you DONT KNOW that the key uses the HD serial it wont be that easy.

You're forgetting one thing: The cracker just has to look at your exe
with a hex editor to see which API routines it's calling. Thus, he will
know that it's accessing the HD serial number because you'll be using
a hard drive API to get that info. Also, checking for a HD serial is
one of the first things a cracker checks...


PB - Registered PureBasic Coder