SoylentNews is people
SoylentNews
AnonTechie writes:
"Echoing a question asked on programmers.stackexchange.com - How can software be protected from piracy ?
It just seems a little hard to believe that with all of our technological advances and the billions of dollars spent on engineering the most unbelievable and mind-blowing software, we still have no other means of protecting against piracy than a "serial number/activation key." I'm sure a ton of money, maybe even billions, went into creating Windows 7 or Office and even Snow Leopard, yet I can get it for free in less than 20 minutes. Same for all of Adobe's products, which are probably the easiest. Can there exist a fool-proof and hack-proof method of protecting your software against piracy? If not realistically, could it be theoretically possible? Or no matter what mechanisms these companies deploy, can hackers always find a way around it ?"
(Score: 2, Interesting) by Anonymous Coward on Saturday March 22 2014, @04:27AM
That's an interesting and provocative statement, but I think it's too broad to be absolutely true. I happen to sell some very specialized software that's a tool for a professional engineering niche and sells in small volume. For the first several years, it had a pretty simple-minded registration keying system that I put together in one evening. It soon got cracked, and somebody even created a key generator for it.
I wasn't happy about that (no one enjoys being vandalized), but a friend who also sells small-volume software advised me not to worry about it. After all, how many paying customers did I really lose in the process? The professionals who might buy the software probably wouldn't use the cracks anyway. The main purpose of the registration key was to keep honest people honest.
Even so, the crack and key generator really bugged me. The worst part is that the top slots of Google's search results were dominated by the cracks, with my own page about the product appearing in about the middle. (That's PageRank at its finest...) So I decided to fight back. I found a nice article that explained how to remove trails within the software that crackers might follow, so I did that. I then spent several weeks putting together a very complicated registration keying system that uses layer upon layer of cryptography. It's so complicated that I barely understood it myself at the time (I don't by now.) It's certainly not impossible to crack, but I figure if it took me that long to develop it, no cracker would spend that much time on it since the software is specialized and small-volume.
Several years later, I'm not sure if it's been cracked or not. It does appear in some crack sites in search results, but all of them seem to want a credit card now, so I haven't been able to check if their advertised cracks are real or not. (When the software was originally cracked, the cracks were given away freely so that was easy to check.) Anyway, I figure that anybody who gives their credit card to crackers deserves what they get. So, even in the unlikely event that the cracks are real, it's OK. I got enough moral satisfaction out of at least putting up a good fight to make it all worth it. I also learned a lot about cryptography in the process, which ain't all bad.
(BTW, if you folks think I deserve what I get for selling software, that's OK too. :-)
(Score: 3, Funny) by chromas on Saturday March 22 2014, @06:23AM
Actually, I just find it hilarious that you implemented a security scheme you barely understood and you don't know if it's effective. But we'll forgive you since it's just copy protection instead of bank transactions plus you learned crypto.
(Score: 1, Funny) by Anonymous Coward on Saturday March 22 2014, @01:09PM
Good point. But remember, it was mainly about moral satisfaction. In that regard, it's been a huge success.
(Score: 3, Insightful) by Tork on Saturday March 22 2014, @08:30AM
🏳️🌈 Proud Ally 🏳️🌈
(Score: 5, Interesting) by anubi on Saturday March 22 2014, @12:17PM
I have been burned before over software with protection schemes. The first sniff I had of it was purchase of Circuit City "divx" disks. When they turned the servers off, the disks were useless.
Imagine my chagrin when I am tasked by the company to implement our first CAD system ( this was MANY years ago!) , and I knew we were probably going to use this system for 50 years. ( Yes, it was an oil refinery ). When I invest the time and trouble to implement something, I expect it to last. I do not build refinery supports out of lumber. I do not use cheap pumps. I am not running a topsy-turvy try-to-keep-it-running operation. Once installed, stuff is expected to work - for all practical purposes: forever. I have plenty of problems as it is without having to worry about finicky crap. I looked at most technology offerings the way I looked at bad concrete... looks good for the acceptance handshaking, but would it last under the stresses of production?
I ended up going with Futurenet ( Dash-2 ), under DOS at the time. I had a crack for it. The only reason I felt comfortable with this is because I knew at least if I could maintain compatible hardware, I could keep this thing going.
Yes, as anticipated, the dongles eventually failed. The program became obsolete and no longer supported. For all I know, its now abandonware.
Its now going on 30 years old. You know what? IT STILL WORKS!
I still pull it up once in a while if I need to see how I had wired something years ago. I have that and the companion PCB layout program PADS pwork for DOS. Both still work albeit I have to refresh myself every time I bring it up because I am doing all my new stuff on EAGLE... which was selected for the exact same reason. I expect it to be working 30 years from now as well.
I have watched a lot of stuff come and go - especially word processors and office type stuff. I consider most of the kind of stuff that software kept track of was extremely ephemeral in nature, as I no longer give much of a damm how many resistors I had in a bin four months ago, but the wiring diagrams to a refinery is to me a horse of a completely different color. You simply do not throw a manufacturing plant away because some MBA did not like the color of one of the distillation columns.
I no longer work for the company, however I can still use the tools, just as I can still use old screwdrivers and pliers. Finicky software to me is like a wrench that cannot be counted on to do the job. As far as I am concerned, finicky software is mostly to give PHB's a sense of accomplishment by signing for it.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by Kell on Saturday March 22 2014, @01:34PM
Thank you! This is the most interesting thing I have read all day.
Scientists ask questions. Engineers solve problems.
(Score: 2) by Runaway1956 on Saturday March 22 2014, @05:50PM
"Finicky software to me is like a wrench that cannot be counted on to do the job."
Or, as I was taught, "Always use the right sized wrench!" A Crescent or a Monkey wrench (or some cheap knockoff) may be convenient, but it will never fit as securely as an open and box end wrench that was made to turn that one specific sized nut. Million upon millions of rounded off nuts and bolts prove that you should use the correct wrench!
(Score: 2, Interesting) by el_oscuro on Saturday March 22 2014, @09:40PM
I would agree, as long as I can find the correct size wrench. Unfortunately, the correct size is always the one that is missing. If you were look up "correct size wrench" in the dictionary, it would have a picture of an empty slot in my tool chest. :)
So sometimes you need to use a crescent. Just make sure to get the original, actual Crescent wrench. They are still made in the USA, and will hold a bolt a lot better than the cheap made in China crap. Same thing goes for Channellock pliers, also still made in the USA. While almost everyone has some knock-off of them in their toolchest, try picking up a Channellock 440. You will not believe the difference in quality.
SoylentNews is Bacon! [nueskes.com]
(Score: 2) by Reziac on Sunday March 23 2014, @04:04AM
The difference is that you'll only buy ONE of the tool made in USA or Germany or Finland, since it will last pretty much forever, and A BUNCH of the cheap Chinese knockoff (or worse, the cheap Indian knockoff) since they keep breaking.
And there is no Alkibiades to come back and save us from ourselves.
(Score: 2) by Runaway1956 on Sunday March 23 2014, @09:34AM
Uhhhmmm, while I tend to agree with your statement, the conversation wasn't directed that way.
No matter how well made a crescent wrench might be, it is a general purpose tool, lacking in precision. It might be "good enough" to turn your nuts and bolts most of the time, but it can't be counted on. A precision built hex wrench or socket will fit the appropriate nuts and bolts exactly, time after time, with no slipping. It only takes one broken knuckle to convince a more intelligent person that precision tools are worth the extra cost. I do own and use slip joint pliers and channel locks, but I never use them on nuts and bolts. Even expensive high dollar crescent wrenches are known to slip when a lot of torque is applied to them. The monkey wrenches I mentioned will take more torque than a crescent, but they will slip too.
(Score: 2) by Reziac on Sunday March 23 2014, @06:18PM
This too, tho sometimes a person can't be arsed to go find the correct wrench or socket, and vise-grips do the job well enough. Or the damned socket won't FIT in the spot, but vise-grips do.... a situation I have a lot of experience with thanks to the vagaries of fence clamps and irregular fence panels. :( And then there's the crescent wrench I use mostly as a hammer, because it fits conveniently into narrow spots. We won't even discuss how I use the tire iron. :)
I'd say the software market, DRM and all has much in common with both situations.
What was the question? :)
And there is no Alkibiades to come back and save us from ourselves.
(Score: 2) by Runaway1956 on Monday March 24 2014, @04:05AM
LMAO at the crescent wrench hammer - that is just to damned true!! Not to mention that the crescent wrench fits into a hip pocket, but a hammer normally stays in the drawer of my toolbox because it doesn't fit into a pocket.
(Score: 2) by Reziac on Monday March 24 2014, @05:03AM
Nonsense. This ball-peen with the busted-off handle (er, without the busted-off handle) that I found in the mud today fits in my pocket just fine!
And there is no Alkibiades to come back and save us from ourselves.
(Score: 0) by Anonymous Coward on Saturday March 22 2014, @01:23PM
I don't have any real data on this because this software sells in such small volume (both before and after) that statistics are nearly meaningless. The one data point that I do have is that the crack results no longer appear in the first page or two of search results unless you put in terms like "crack" or "registration key" alongside the product name. I think that's pretty good evidence that it was worth the several weeks I spent on it about four years ago. Or, maybe my marketing or Google search algorithm has simply gotten better.
That may be true, but it was never about that in my case (see the advice quoted from my friend above). It was about fighting back against vandalism. The people who might use the cracks are thieves, but at least they're getting some benefit from it: when they steal it, I can take some satisfaction in the fact that I'm helping somebody in some way. OTOH, the people who create the cracks are just plain vandals: they damage someone else's property without getting anything out of it themselves.
Oh, except that they get a fun puzzle to solve. And if that's what they're looking for, I've given them an even funner puzzle to solve. (You're welcome. ;-)
(Score: 3, Interesting) by mcgrew on Saturday March 22 2014, @01:54PM
Expected, considering a study a book publisher did a couple of years ago. He wanted to know how badly piracy was hurting sales so he commissioned a study. Unlike a movie or song it takes a few weeks for a book to be scanned, OCRed and uploaded so they looked for a dip in sales when the book hit the internet.
Rather than a dip in sales there was a spike in sales. Piracy results in more revenue.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 2) by Reziac on Sunday March 23 2014, @04:13AM
That would be Baen, I presume.
What they also found was that suddenly there was renewed demand for older stuff. Which meant not only was Baen profiting, their authors were profiting, from works that normally would be past their shelf life.
Baen found this all so enlightening, that they started releasing big swaths of their stuff on redistributable CDs, as a bonus with printed works. Frex:
http://baencd.thefifthimperium.com/ [thefifthimperium.com]
And there is no Alkibiades to come back and save us from ourselves.
(Score: 2) by mcgrew on Sunday March 23 2014, @05:21PM
Thanks, I didn't remember everything from the article. It probably was Baen.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 1) by khakipuce on Monday March 24 2014, @09:38AM
The thing is it is analogous to process that causes string to be tangled. There are very many ways in which a piece of string can be tangled and only one way in which it is untangled. So statistically it pretty much always ends up tangled.
Your software is the same, there are very many ways of cracking a software activation code and you have to find and block each and every one. An attacked only has to find one of the many that you have missed.