Dear Software/Shareware author,
As far as I know, this idea is original and hasn't been put into practice yet, so there is no way of knowing if it will work or not. However, there is no reason why it shouldn't.
There is a new generation of people emerging from the Web known as 'Reverse Code Engineers' or as some people like to say; 'Crackers', that feel that it's perhaps time to change the way YOU think of us.
Throwing lawsuits around will certainly get our attention, it's time consuming and a drain on your valuable resource, closing one such web site will usually result in five more popping up to take it's place. You cannot prevent or halt Reverse Coding related web sites from appearing on the web nor can you prevent people from cracking your software, that's like trying to stop someone from catching a cold, but what *we* can do is to try and limit YOUR financial loss in a way that benefits both you and 'us'.
Today's crackers in general are NOT concerned with downloading your latest software products in order to first 'break' it then add it to some warze library nor do we want to your software for free. To us, breaking protection systems is an intellectual challenge, our skill against the skill and knowledge of the protectionists and nothing more. If fact, to many people who wish to learn "How to crack" it's an incentive for them to learn to program in Assembler, since they must do this before they can even begin to tackle a software program. Isn't it possible, that this can also spur people to later on to become tomorrow's programmers!
What I suggest here, and to those I know on the WWW is that we should in future, NOT write about how to break protection systems in your latest software, but instead, and with YOUR cooperation, use instead your older, out of date versions of your software that you no longer support and which does not compromise the protection systems in your latest software products.
The next time you read a tutorial and especially one that concerns one or more of your software products then all I ask is that you try and read it as though it's a report based on the findings of a User about what they thought about YOUR software.
As a rule ( and all my 'reports' include this) this report will include:-
1. A link to your web page where people
can find this software product.
So
now people know where to find you with this 'free' link. Some
web sites have 100's
or even 1000's of potential customers!.
2. It will describe what YOUR product is
suppose to do and all the features it provides.
Now
its providing 'free' advertisement to one of YOUR software products.
3. An explanation of what System Registry
entries are created.
Since
in order to 'break' this software we have to know exactly what entries
if any,
this program creates and uses.. Now you will see if your program is doing
what it's
suppose to do and what errors if any, occurred. Some programs can be 'broken'
simply
because the program in question cannot handle the System Registry properly!.
4. An explanation on how your software
communicates with other files, .dll's etc.
Again,
you will be able to see what errors if any, occurred. Can you really
be sure
your program does what's it's suppose to do on different pc's?.
5. In order to properly understand the
program in question, it is run and tested on each
of it's screens and
that all the features provided by this program will also be checked.
Isn't
this what your beta testers do?
6. How well do you regard the effectiveness
of YOUR protection system?.
The
'report' will usually show in detail, how YOUR program's protection system
*can*
be circumvented, it shows you *how* we might 'attack' this program and
and the steps
we took to accomplish this. A simple, yet effective trick you can
use to deter newbies
from cracking your programs is to assign the keys Ctrl+D to your Registration
Screen,
that way every time the newbie cracker looks for this Registration Screen
it will fire up
instead of his Softice!.
Do you
use a third party protection system?, do they tell you that it's effective
against
being
reversed engineered?, then here you will find out from an 'independent'
source
exactly
how effective this protection system is and how easily/hard it is to defeat.
In my
experience some protection systems can be circumvented in minutes like
TimeLock32
V2 to hours or even days on others.
Some 'reports' can take many hours to write because we want them to be as accurate as possible. Dear Software writer, all this work is done Free and is based on YOUR software product. Now if you add all these 'reports' together then you will have an effective database on a huge amount of software protection systems not to mention an unlimited source of independent information on your software products!.
So where do you come in?.
Allow 'us' to use your old and outdate software to practice on. Since you would have discontinued it's use and support and also stopped further downloads from your web site would also mean that any information we find regarding the protection routines would not harm your financial interests in your latest versions, since it would be very hard for people to find these 'old' copies. People will always want to own the newest, latest versions rather than settle for anything less.
I understand fully, that any cooperation from yourself on this matter does NOT mean you condone nor encourage the misuse of Reverse Code Engineering but that all you would be doing would be providing the materials necessary to have your software tested for bugs and anomalies just as though it was going through it's beta testing stage.
Thank you for your consideration on this
matter.
The Sandman
Page
Created by: The Sandman
Last
Updated: 07th September 1998