How to create an invisible or protected process?

[thanos]

Hello.
I am distributing a program which has a simple server to handle and count the active users of my program.
This little .exe is critical because if the user has purchased one license this app will stop the second user which trying to access the program.
So, i want a solution to make this process invisible from process tree or to protect it and make it impossible to kill be the user.
A good example is the Ad-Aware.
If the user kill its process from the process explorer the process rerun automatically.
Another example is the Avast antivirus. Is the user try to kill its process receive the message "Error terminating process: Access is denied!"
Is it possible to do that?
Thanks i n advance.
Regards.

Thanos

[Mahan]

... make this process invisible from process tree ...

Just a friendly piece of advice: If the "process invisibility" is not something that the end-user can control or know about pre-purchase your software will have a high chance to be classed as malware.

Tampering with users/customers computers without they consenting to it before the fact is not popular. Especially as "hiding a process" is done by tampering with the internals of the operating system.

Online activation is a whole other thing. If you publicly state to the users/customers that you software uses online activation before the download/purchase it's up to the users to choose if they agree with that or not.

[PB]

> Tampering with users/customers computers without they consenting to it
> before the fact is not popular. Especially as "hiding a process" is done by
> tampering with the internals of the operating system.

Don't be silly. There's nothing wrong with protecting your app's process. :roll:

[Mahan]

Don't be silly. There's nothing wrong with protecting your app's process.

If you do it with a rootkit it's not right imho and many would agree with me. Example: Sony tried this stunt for CD:s and it brought them tons of bad press.

DRM is a grayzone as long as there is info before the purchase and/or installation and if the DRM is guaranteed to be uninstalled if the host-program is uninstalled.

Side note: I skipped GTA IV because of DRM. (And I have bought the whole series before that, so I would 100% have bought it if it wasn't for the DRM).

[PB]

> Sony tried this stunt for CD:s

That was a different kettle of fish. They weren't protecting a software app.
They were secretly installing an app when the user was expecting to play
a music CD. That's a MASSIVE difference.

[Mahan]

That was a different kettle of fish. They weren't protecting a software app.

Fair enough, you right that this was not exactly the same.

But I still think that any kind of rootkits to protect software applications is plain wrong. I think DRM is OK if the customer can read a notice of this outside the box (or on the website) before purchase, so that there is a clear option to opt out if the user is not willing to comply.

The only exception to rootkits is when the user installs one for specific needs or when the user chooses to use an anti-virus-package that uses rootkit technology to do it's protective work on the users system.

Furthermore I think that any software that "calls home" also should be very clear about this fact, and state why it's calling.

Since I started to work I've bought almost every game I've played and program I've been using. I have also gotten "burned" to many time on idiotic copy-protection schemes.

The most obvious idiot-copy-protection is the "CD-in-drive-required". Since I'm a long time Laptop user and I travel in my work at least once a week, I'd hate to have 10's of CDs with me in my bags, just in case I'll feel to play some specific game in the evening at some hotel somewhere.

Do you know what I have to do? I have to download a crack .exe for games I've legally bought just to use them without having to carry all the CDs. And it saddens me even more when I think that this "cracked version" is what pirates are getting default on download. This means that I, as a legal customer, am given an inferior version of the program that the punks that just steal the game in the first place!

Summary: Don't use copy protection if the result is that legal customers are worse of than the pirates!

You are free to disagree with me on any of this, I just state my opinion on these matters

[Tranquil]

6 answers and all off-topic. (including mine)

[Mistrel]

You can do something similar to an "invisible process" by running your program as a service instead.

[Mahan]

You're right to a certain degree, Mistrel, but just note that the process will be visible in the task manager if the user enables the "show processes for all users" checkbox.

[Mistrel]

Why is it so important that your program is invisible?

[idle]

sounds like your application should be doing the checks, why would you want to run a hidden service?

[thanos]

@idle, @mistrel
As i said in the header i am interesting for a hidden or protected process. The protected it is prefferable.

@Mahan
I just to check the active users of my application. Nothing more.

@PB
Thanks! I started to feel like a dangerous cracker

@All
I apologize for not being as clear as needed.
As the title said i want to start a proccess which is either invisible or protected.
The picture below gives an example of the Avast! Web Scanner.
I tried to kill this process but i took the following message:
Error terminating process: Access is forbidden!

So, i want to set a "protected" process like the above.
Regards


Thanos

[thanos]

... make this process invisible from process tree ...

...Online activation is a whole other thing. If you publicly state to the users/customers that you software uses online activation before the download/purchase it's up to the users to choose if they agree with that or not.

Thank you for the response.
I want to check the connected users into a local network, without internet access. If a user buy a 2 users license of my software i want to stop the third user who can try to connect to the program's database.
Regards.

Thanos

[Mahan]

I want to check the connected users into a local network, without internet access. If a user buy a 2 users license of my software i want to stop the third user who can try to connect to the program's database.

If the nature of the software is that it is "networked" and that the general function of it requires that the multiple users (nodes/endpoints) connect together for optimal use, you might very well write some copy-protection. (example: multiplayer game etc.)

The first thing you probably want to do is to tell the running processeses (of your software) how many TOTCON (total number of connections) are allowed.

This can be done in several ways but my two suggestions are:

1. If you sell a low volume of the software, you might have the TOTCON as a constant in your code, and just change it appropriately and recompile the program and send to a customer.

2. If you plan in selling this program on a website, you could develop some kind of registration code system, where TOTCON was coded together with the customers name. The application would need to be registered with a bought code to run and once running, it would know TOTCON from that code.


Due to firewalls being part of operating systems nowadays, I'd also recommend that you code a specific server-application. The real program you have now is the client, but the server would be the "communication hub" and authenticator and could then keep track of the TOTCON vs licenses.


Final note: If networking is not crucial for your applications work this will obviously fail because in that case it's easy to just tell the firewalls on each computer that your application is not allowed to access the network and then the whole TOTCON idea will fail.

[thanos]

...I'd also recommend that you code a specific server-application. The real program you have now is the client, but the server would be the "communication hub" and authenticator and could then keep track of the TOTCON vs licenses.

Thank you for the response.
I already followed what you are suggesting.
I had code a simple application server which handle the total connections via network connection functions.
I want to protect the application server process because if one user kills the application's server process accidentally or not accidentally the program will terminate and all the active users will lose their work.
Regards.

Thanos