I would think any licensing trick could be thwarted.
All the cracker has to do is figure out where the program stops if the
licensing mechanism does not return a proper value. You change this check
condition to always return true or skip the call. After that the program
works correctly.
One idea to get around this is to have something in the key itself that the
program must have. Without it, there are failures all over the place. A good
cracker might be able to figure out what that value is and put it into the
program.
Robert Casto
robert@xxxxxxxxxxxxx
Change happens, prepare for it.
-----Original Message-----
From: deshmol-lists@xxxxxxxxx [mailto:deshmol-lists@xxxxxxxxx]
Sent: Friday, August 11, 2006 8:22 AM
To: users@xxxxxxxxxx
Subject: RE: [cinjug-users] Product Keys
since part of the problem is that java can be
decompiled so easily, i wonder if using jni for the
licensing code could help.
~ amol
--- James Carman <james@xxxxxxxxxxxxxxxxxxxx> wrote:
> This is somewhat dated, but I found it a very
> interesting read when I was
> considering how to write a licensing service for my
> Java code. It's
> somewhat depressing:
>
>
>
> http://www.cigital.com/hostile-applets/maginot.html
>
>
>
>
>
>
>
> _____
>
> From: Scott Hofmann [mailto:shofmann@xxxxxxxx]
> Sent: Friday, August 11, 2006 7:06 AM
> To: users@xxxxxxxxxx
> Subject: [cinjug-users] Product Keys
>
>
>
> Hello everyone,
>
> I'm involved in a software product being developed
> in Java and wondered if
> anyone here has had any experience with product keys
> and registrations? I'm
> hearing from the developer that to do registration:
>
>
>
> "From my research online, it looks like the only
> truly secure way is to have
> a license server. The software would then connect
> to the license server to
> ensure that it is legitimate. However, this seems
> like an expensive
> solution as it requires *much* more development work
> in addition to having
> another server to maintain."
>
>
>
> Sooo... I'm trying to identify ways others are doing
> their product keys or
> have heard of doing them. We really do not need a
> truly secure key. The
> product will sell for under $50. What we need we
> think is just a simple
> solution that help to:
>
>
>
> - Keep people honest and not feeling to free about
> passing along copies to
> other.
>
> - Being able to provide support to those who truly
> purchased the product.
>
> - Most likely we would not trouble ourselves with
> those people who are
> dishonest and feel the need to find loop hole in
> software product keys in
> order to use it anyway.
>
>
>
> Any advice or thoughts on this topic would be
> helpful.
>
>
>
> - Scott Hofmann
>
>
>
>
---------
You may unsubscribe from this mailing list
by sending a blank email addressed to:
users-unsubscribe@xxxxxxxxxx
--
Find additional help by sending a blank email
addressed to:
users-help@xxxxxxxxxx
|