Software protection (or not)

Anyone have any experience with this technology?

http://www.paceap.com/technical.html

I guess its PACE. I thought that was cracked years ago?

"This "under the surface" technology is as large a part of the InterLok system as the many features already described here. We wish we could say more about it, but we can't. Trust us. It's in there, it's very good, and it works."

Why is it want to run the opposite direction when a vendor tells me to trust their protection...

After my nightmare with EXEcryptor
http://www.strongbit.com/execryptor.asp
Which stopped working and caused GPFs

I found an excellent product:
http://www.oreans.com/codevirtualizer.php

But my client wants a "dongle" based schema...

Have you looked at Molebox 2.2981 (www.molebox.com), released on January 19, 2008.

Pack application:
Link application and data files
Integrate DLLs and ActiveX into EXE file
Encrypt and compress EXE, DLL, data files

Protect application:
Protect application from disassembling
Protect DLLs from 3rd party use
Protect data files from access

Moved to General Developer

Two things.

1. Trying to protect the disassembled MSIL in any .Net application is futile. The .Net framework has to have access to this to work so it's decrypted at some point thus exposing your software. There is no way to 100% protect your .Net application because of how the .Net framework works. if this is unacceptable then I would suggest additional research before development on your next project and possibly re-write it in C++.
2. Any piracy protection schemes are crap. Do you know how people get pirated versions of your software? A few really smart people "crack" your application then distribute it to everyone who wants to pirate your application. No matter what piracy protection scheme you employ, it will be cracked and then anyone can download it and use it. The only thing piracy protect does it hurt your legit users. So my personal opinion is to avoid it.

That's my opinions in a nut shell on both sides of the issue.

Dr,
I use PECompact after the obfuscation is done by Code Virtualizer. That will compress the binary by up to 80%.

Hack.
Made a small contribution but the thread is closed...

Kas,
I agree. Protecting .NET is a waste of time. Thats why i don't write in .NET :)

If you can create binaries with no run time dependencies then you can effectively protect them. Even tho EXEcyptor is worthless in my opinion, it has not been cracked. The Orean's technology is far superior and also has not been cracked.

The problem of protection is difficult, because if enough resources are brought to bear then, I agree, anything CAN be broken. but will it?

Most "hackers" are not going to waste a large amount of time on an application that has anything less than large demand. They are not going to get the exposure they so desperatley crave.

Cracking an application that obfuscates SECTIONS of code with virtual opcodes is a hardnp problem. Its a severe deterrent. I suspect that most products would fall short of the requirements that these invalidated clowns have for their validation fix. In which case, I suggest protection makes a lot of sense.