Barry, I understand your dilemma however I must point out that with Soft Ice, anybody can find the code that verifies any authorization code. For example, you set up an elaborate email/code scheme. I try it out and find I can't get past the prompt without entering a valid code... hmmm..... so I go into softice, locate the routine, find the 'cmp' and 'jne' codes and simply NOP them out. I've just bypassed your protection routine. Again, I say that if they really want it without having to pay for it, they'll get it. I'm no condoning hacking, it's just that I've gone through all this frustration before. -----Original Message----- From: pic microcontroller discussion list [mailto:PICLIST@MITVMA.MIT.EDU]On Behalf Of Barry Michels Sent: Wednesday, May 08, 2002 9:09 PM To: PICLIST@MITVMA.MIT.EDU Subject: Re: [OT]: Software Protection I visit astalavista periodically, which is why I wanted to ask here before developing an elaborate protection scheme. I'll probably do some simple challenge/response type thing where they can use a temporary code e-mailed to them upon download, but they have to e-mail in a locally generated code that will be use to generate a key that is e-mailed back. Then store that key somewhere deep in the registry. The only problem is, before I re-invent the wheel, is there some information already out there on what kind of math to use for generating these keys? I've been doing searches on Google about authorization codes, but after sifting through debates on Microsoft's methods, I've gotten nowhere. Barry ----- Original Message ----- From: "S. Wright" To: Sent: Tuesday, May 07, 2002 2:13 PM Subject: Re: [OT]: Software Protection > Barry, > > In all likelihood, if they want it, they'll get it. There isn't much out > there that can't be cracked. It's hard when you're a small fish swimming in > a big ocean - I've developed software that got picked up (without > compensation to me) by another company and what am I supposed to do? Take > them to court? > There are trial ware tools out there, i.e. DLL's that you incorporate into > your software that are pretty cheap... nothing comes to mind at the moment, > but just do a search on it. > NOW, if you want to know what the crackers are doing to people's software, > go to http://astalavista.box.sk/ and look around that website. I used it to > develop my own software protection scheme (which took me 3 months to develop > and hackers 3 minutes to disable). > My final suggestion... sell as many as you can before you get ripped off! > OR maybe talk with Johnson and see if they'll buy the idea off you... I did > that and made a pretty penny and I passed on the software protection problem > to them! You WILL be spending way too much time developing a scheme. Is it > really worth it? My experience tells me no. > Sell man, sell!! > > S. Wright > "Why is everyone else so insecure?" > > > > -----Original Message----- > From: pic microcontroller discussion list > [mailto:PICLIST@MITVMA.MIT.EDU]On Behalf Of Barry Michels > Sent: Wednesday, May 08, 2002 12:39 PM > To: PICLIST@MITVMA.MIT.EDU > Subject: [OT]: Software Protection > > > To all those who have experience with marketing their own software, do you > have any suggestions on how I can protect a software package I just wrote? > I will definately not sell more than 1000 copies and more likely, not more > than a couple hundred. > > It's a front-end for another software package made by Johnson Controls that > is a HUGE time-saver. If it becomes popular, I'm wondering if I'll have any > way of keeping Johnson from just duplicating it's function and integrating > it into their own product without any compensation for my efforts in > developing it. > > Also, I'm working on a limited use version that I can freely distribute and > allow the user to use either for a certain number of times or for a certain > length of time before it requires purchase. Any thoughts on the best way of > doing this? I thought of using the registry, but that's too easy to hack, > unless it's encoded somehow and the user doesn't know what their looking > at... Or, maybe doing something simliar to Microsoft in requiring online > registration, but I hate having to do that with M$'s crap, so I'd rather not > do it with my own software. > > > Thanks, > Barry > > -- > http://www.piclist.com hint: The list server can filter out subtopics > (like ads or off topics) for you. See http://www.piclist.com/#topics > > -- > http://www.piclist.com hint: The list server can filter out subtopics > (like ads or off topics) for you. See http://www.piclist.com/#topics > > > -- http://www.piclist.com hint: The list server can filter out subtopics (like ads or off topics) for you. See http://www.piclist.com/#topics -- http://www.piclist.com hint: The PICList is archived three different ways. See http://www.piclist.com/#archives for details.