Secretly tracking number of uses

[ricardo]

Yeah, I remember you said this before, and I intended to do so.
It's a good way to do it, as any existing keygens become obsolete.
You just have to remember to keep changing/uploading your app.

I was also thinking today, what would happen if the rego check was
done with ANOTHER exe, that was embedded and extracted during
runtime of the main app? It could extract to the temp folder, do the
check, and delete itself again before the cracker knew it. Sounds
like an interesting approach to me, because the actual code to be
cracked is not available in the main exe to be examined.

Its a good idea!!

To avoid RegMon, etc. you can use a dll and run it from memory without writing it to HD.
Until now the only way to do it is using PEBundle.
This could make harder to crack it i think.

[PB]

> using a debugger like SoftIce or OllyDbg it would also be obvious

I was wondering: Can SoftICE or OllyDbg work on native 16-bit DOS apps?
Or do they only work with 32-bit Win32 apps? Because it may be an idea
to write the rego-check in MoonRock (16-bit DOS) and then IncludeBinary
that for extraction/run in the PureBasic exe...?

[thefool]

Just a stupid question from me, but lets say, someone found a method to disturb windows so it makes an instand reboot or a crash?
It would disturb the cracker a little, if the whole computer crashed when an error is found.
I've made a thing that totally crashed my computer. It was an accident. It was a quickbasic compiled exe. I opened it in a hex editor trying to see what happened if i changed values here and there. The first try was that the exe could not be run. The second time, it was more succesfull. I ran it and the computer made a beep and a bluescreen. Not a normal blue screen, but it was filled with a lot of weird signs. And anytime you pressed a key it just changed the signs. Weird...

(I was not that old when doing that with the hex-editor)

[PB]

> It would disturb the cracker a little, if the whole computer crashed when
> an error is found.

It could also get the author of the app sued, if the crash caused the user
to lose unsaved data. Remember, just because an app is "modified"
doesn't mean it's been cracked (it could be a broken download, or had a
virus infection, etc). You can't crash a user's PC under any circumstances.

[thefool]

ok.. sorry..

[Shannara]

> It would disturb the cracker a little, if the whole computer crashed when
> an error is found.

It could also get the author of the app sued, if the crash caused the user
to lose unsaved data. Remember, just because an app is "modified"
doesn't mean it's been cracked (it could be a broken download, or had a
virus infection, etc). You can't crash a user's PC under any circumstances.

Really? Microsoft have done the exact same thing with every single product they have released so far :P Seriously now, ah... well, with a nice disclaimer a person has to read before installing the application should cover your butt nicely. Ie, you cannot hold (company name) responsible for any damages this software may or may not do to your computer

[Danilo]

@Shannara:
If you add something to a program with a view to destroy
data on the computer, your license agreement doesnt count anymore.

You will get killed by users that loose important data.
(and then you have to explain to god why you did that)

[thefool]

Then, make a countdown.

[You patched the program, bad boy! 5 seconds to crash]

[Rings]

.... you can use a dll and run it from memory without writing it to HD.Until now the only way to do it is using PEBundle.....

until now ....

[MadMax]

Writing malignant code, even if it's for an altruistic reason, is a repugnant thing to do. If you choose to do so, even if it's for "protection reasons" your program will in many countries become illegal, and you could even be prosecuted.

There are cleverer ways to protect your code, without having to resort to the use of code that can damage data or crash a PC.

[scurrier]

if people are downloading your software why not have your software download a text file that has your current info just make it the first thing and make it required if they bought it off the web that can't say they dont have an Internet Connection can they

[PB]

> [...] your program will in many countries become illegal

And also, once the word gets out, your NAME gets a bad reputation from
users all over the world, and nobody will EVER use anything written by you
again. Goodbye, programming career. Definitely not worth it.

(BTW, when I say "you" I don't actually mean you personally).

[Shannara]

Are there that many criminal minded people in the world that it would totally destroy your career, even when they are warned of such? Such a sad state nowdays? I mean, with a warning before installation of such "altering this program will cause your computer to become unstable". And before it stating in the license they agree NOT to alter the program. Then when they alter the program it could be considered THEIR fault for the result?

Or is our laws so screwed up?

[PB]

> a warning before installation of such "altering this program will cause
> your computer to become unstable".

If I saw that in something I downloaded, I'd delete it and warn my friends.
The app would end up on a booby-trapped software list like this one:
http://www.geocities.com/johnboy_tutorials/bt.html

> And before it stating in the license they agree NOT to alter the program.
> Then when they alter the program it could be considered THEIR fault for
> the result?

But the point is: it's not always them altering the program. What happens
if a virus infects it, and the app decides it's been altered, and then trashes
the user's system? An innocent person's PC has been screwed through no
fault of their own, even if they paid for the app and didn't use a crack.

And it's not just viruses that can change an app... an unexpected shutdown
(say from a power loss) can corrupt data files on the PC -- it's happened to
me in the past. Should the user's PC become unstable in those cases, too?

[Shannara]

Ok, thats too good of a point to pass up. I had a friend recently who, when someone modified his program (Crack or whatever), it deletes itself and all of it's installed files in it's folder (leaving all other files intact). Considered OK?