PureBasic Forums - English

> Thats exactly what I suggested in my initial post

Oops, I see now. I misread it originally. Sorry!

utopiomania wrote:
Thats exactly what I suggested in my initial post?


About protection.. Inner, localmotion and doubledutch are wrong. I've done my homwork on this.

Apps protected by ie code virtualizer or execryptor are so difficult to break that nobody really wants to try anymore.

If you disagree, I'l be happy to hand over a crackme to prove my point.

1) Uninstall Tool. ExeCryptor, full protection, and Sunbeam over at {RES} has nailed it EVERY build, EVERY Time.

2) Smart Diary Suite. Themidia, Full SDK protection, and quesago unpacked it and nailed it.

3) Any FlexM protected App. Black Riders, LineZero, or Crude shred these apps.

4) SND Request board. Almost all the tough apps usually end up there, and there is no shortage of talent and drive to crack them.

I'm telling you. If you think you can outsmart {RES} BRD, CRD, Lz0, SND, CORE, SSG, FFF - you are dreaming.

Your protection would probably stop quite alot of crackers. However, you simply cannot beat them ALL.

FOCUS on your APPLICATION and its QUALITY. A few timebombs here and there, and multipart serials (see my example) will get your average cracker and their releases will be "nuked" for a while.

However, if you actively try and create challenges and animosity to your app, you will go down in flames and the crackers will put you in your place.

I reverse engineer all the time, and so do many people on this board. Trust us when we tell you that cracking your app can and will be done. However, if you do it right, you can MINIMIZE the damage done.

EVERY ship in the world takes on some water!!! The best ships are DESIGNED to MINIMIZE the damage that it can do, and can HANDLE the challenges. The same is true with your business plan. Expect to be cracked, and ADAPT accordingly with minimal time and cost.

I'm telling you. If you think you can outsmart {RES} BRD, CRD, Lz0, SND, CORE, SSG, FFF - you are dreaming.

I can't outsmart them, but these protectors I mentioned do it 99.999999999999% of the
time.

It's important that people realise this and don't give up. Very good protection is available nowadays.

I reverse engineer all the time, and so do many people on this board

Shure you do, but none of you can reverse engineer an app protected by say code virtualizer.

In the old days when you wrote a game you expected to be lucky if you didn't get cracked for the 1st 3 days after release!!! Thats with non standard encoding on the disks like zero clock data (gets a random stream from the disk) or non standard bitcell sizes, etc

Don't forget this was before the Internet became popular and everyone used BBS to spread 'warez'.

Now I've heard that your lucky if you don't get cracked 3 days BEFORE release! And thats with thousands spent on protection!

The point is localmotion34 is right - everything can be cracked.

What you don't want to do is present a challenge. Make the 1st protection check easy to crack. Make the 2nd easy to crack too. Make the 3rd only present itself if the user actually uses the program and make that one difficult.

Also, a real user of the program will want to use the very latest version, if you make new releases every couple of weeks then then hackers will tire of keep cracking it and real users will want the latest version. Don't forget to change the protection method though or you will end up with a generic patcher for your program.

The best thing you can do is to change the protection often (without changing the version number), so that cracks won't work. Even if there are 20 cracks available, if only 1 of them is up-to-date and works, you can bet people will get tired of trying them all long before they get to the correct one.

Problem is that usually the file is there withe the crack on some file sharer or torrent link site!

DoubleDutch wrote: Also, a real user of the program will want to use the very latest version, if you make new releases every couple of weeks then then hackers will tire of keep cracking it and real users will want the latest version. Don't forget to change the protection method though or you will end up with a generic patcher for your program.

You'd think they would but these groups I'd guess are in cahoots with each other when one gets tired the other picks it up to become the hero if you will of the said crack, also they make software to auto crack it meaning they know how you did it, and write code to find your protections and pull them out or write a key gen.

Also if your constantly changing the protection methods who is wasting there time and money here?

I like my idea better which is release it for free no protection at all, if you've made a good product people will want to reward you for it, if you haven't you don't get anything, that way the poor don't get ripped off the money barely have to begin with, and the rich get to improve the quality of life of a poor person which is how it should be.

I'd be flattered if anyone bothered to try to crack anything I wrote

> I'd be flattered if anyone bothered to try to crack anything I wrote

I used to think like that, too. In reality it pisses you off.

My concept for protection (I've mentioned this before): a custom image in
the app, and nothing more. For example: your app's main window has like
a 100x100 pixel image on it, of something the user doesn't like (perhaps
a crucifix saying "Jesus loves you!"). They then have to pay up to get
a custom version with their own supplied 100x100 image there instead.
Their custom app then becomes personalised to them, and they're unlikely
to want to share it with anyone else.

Some of you may say: "Yes, but a resource hacker can stop that." Well,
as I said before, it doesn't. I asked people here before to alter an image
in a test app that I supplied, but nobody did it. So... yeah, it works.

I think perhaps people need to look at the mentality of the people doing the cracking.

They do it because it's challenging (ie the bigger the claim that it's not crackable the more they try)
They do it because they dislike the attitude of the company selling the product (EA / Sony / MS etc)
They do it for notoriety (DeCSS)
They do it for money (it's a very popular app and people will pay for it)

There's probably other reasons I guess that didn't occur to me in the last 2 mins

Considering these reasons, a lot of smallfry coders are pretty safe. Not many people will bother trying to crack anything I write, and even fewer people will care less if a product of mine had a crack available.

For me, it will be simple nags and time expiry demos and maybe a license key. A good cracker with a hex editor will be able to break it with ease should they try. Little of my time will be wasted on it.

Most importantly, non of my real customers will ever be inconvenienced by it !!!! (it won't trigger their AV software, it won't call home, it won't fail when they reinstall their PC, it won't lock up if another copy is detected on the network and it won't cost me a fortune in support costs getting it sorted out with all these pissed off people who were buying it in good faith)

PB wrote:> I'd be flattered if anyone bothered to try to crack anything I wrote

I used to think like that, too. In reality it pisses you off.

My concept for protection (I've mentioned this before): a custom image in
the app, and nothing more. For example: your app's main window has like
a 100x100 pixel image on it, of something the user doesn't like (perhaps
a crucifix saying "Jesus loves you!").

I'd actually write you an email thank you for your wonderful message.

Again thanks to all that posts ideas about this, I'll read every one twice
before deciding on a scheme.

pdwyer wrote:Most importantly, non of my real customers will ever be inconvenienced by it !!!! (it won't trigger their AV software, it won't call home, it won't fail when they reinstall their PC, it won't lock up if another copy is detected on the network and it won't cost me a fortune in support costs getting it sorted out with all these pissed off people who were buying it in good faith)

This is the most important thing said in this entire thread,
sadly big companies fail to understand this. peeps like Fred seem to understand it.

Also folks, do not forget that those piracy numbers big companies throw around and call "lost profit" is actually "lost potential profit", in other words just guesswork.

And as a developer they key thing about all this is that...
Ok! So your product is being pirated, but you are making a profit (i.e. not loosing any money, your in the green, etc.) so you are able to keep working, doing what you love. The ultimate goal of anyone right?

If on the other hand your product is pirated and you are not making profit (red numbers, it costs more to make it than the money coming in) then I "do" understand piracy is an issue, but is the negative numbers due to piracy or because not enough people are buying your product?

but as long as your making a profit, you should be content with how things are going. What big companies worry about is not making "enough" profit per their profit margins (hate that term).

The game industry had like a billion in revenue the last year? How much of that was profit? (big dev house buyouts should not be counted obviously)

If I earn a small profit I consider that good work, if I get rich I'd call that getting lucky. My goal is to keep earning enough so I can live and keep doing what I love to work with

Call me an idealist if you must!

Also consider, how much of that profit would have actually been realised if the app wasn't cracked? Many people who use cracked software wouldn't buy it if that was the only way to use it so the money wouldn't materialise anyway. There's only one price they want to pay -> Free

Also, there's the benefit of cracked software.

Example = Me & a lot of people I know. About 12-13 years ago I used a product called Paintshop pro 3. It was a cracked version. I also used paintshop pro 4 that was cracked. Then for years I didn't use it and when I wanted to again I saw it was out of date. I liked the product and I wanted a new copy so I purchased PSP 9. I haven't upgraded as I thought it went down the toiled after that but my point is, a lot of people I know learned to love PSP4 because it was "free" (ie the cracked version was everywhere). When it updated with enough new features, many of those uni students had a life and weren't going to spend hours hunting for a new cracked version, it was easier to just buy it and be elegeble for upgrades and patches.

The people who still hunt for and look for cracks for that product would not buy it if they can't find a crack, they will switch to some other cracked product.

There will be little profit realised from taking a more prohibitive stance and sliding into DRM-land. But it will have a cost.

I believe basic security at a cheap cost that doesn't inconvenience users is sufficient