.Net Software Protection (Prevent Cracking)
Hey guys,
I am still very new to coding and I have way more experience in reverse engineering ( cracking ) software than I actually do coding it. I began toying with reversing software when I was much younger and enjoyed the challenge it presented and today that challenge is not in cracking software but learning how to protect against it, specifically in .net applications, and help protect the intellectual property of developers.
With that said, I have ideas in my head that sound great in order to prevent crackers ( like myself ) from being able to crack software and make it work and then share it across the internet freely. With that said, I also know that what we can create can also be undone. So I know what I'm up against here.
My question is that I have some ideas floating in my head about what it would take to make a software 'virtually uncrackable' and until now that was taking part of the application server-side and so even if they bypassed registration routines and multiple software checks, the software was rendered useless because they couldn't access the server-side information.
I know there are flaws with even that system and so I'm wondering if it's possible to create an executable on the fly server-side that is specific to a machine. For instance, let's say I'm selling 'Widget X' and someone finds the installer or buys it and shares it, what I want to have happen is that the installer is really useless without this custom generated exe that happens on my server specifically for each machine it runs on.
So you buy 'Widget X', you get download link to installation utility. After installing you run main application and it does several hardware checks and generates a unique encrypted code based on the hardware ids it collects. This is unique to one machine only and no two will be identical.
The software then goes to our licensing server and generates a unique executable based on the input from the software and installs to users machine. That software has their unique code inside and then begins the normal routine of verification based on machine id, the id inside software to match, what the server shows as the true id, and hidden checks to verify that the software they have is not tampered with.
Does this make sense and is it plausible?
Chris
Re: .Net Software Protection (Prevent Cracking)
Very possible and actually easy to do in .Net as there are compilation classes built into the .Net framework that allow you to do this. Of course .Net can easily be decompiled and reversed into the code it came from (as the compiled executable isn't native; it's basically MSIL waiting to be compiled into a native image by JIT).
To be honest, your idea makes me very wary about using your software products. As a user, this seems very anti-consumer. What happens if I format my machine or have to have a hardware component replaced? Then there is a good chance your application, the one I paid for, no longer works. It makes it even worse if the user does not have an internet connection.
And all of this for what? Virtually all pirated versions of applications are cracked by a group of folks then distributed to everyone else to download. So once someone beats your protection (and they will), they'll distribute a version that's easier to use than the one that you sell.
Completely not worth it in my opinion but it is doable.
Re: .Net Software Protection (Prevent Cracking)
Hey Kris,
I've tried to put my head around this and make it secure and not bother the end user so much. I know very well about getting source easily in any .net application so that isn't my concern since part of this is keeping it server-side. The other thing is there is already software out there kind of like this that is licensed based on those ideas and it's selling very well. It doesn't even require you to have an internet connection once you've actually validated against their server, it's a one time thing.
With that said, the niche that I am working in is used to having software like this and would not be intimidated in the least with this type of protection if I could create or have it created. The main thing this would be for would be protection against piracy and warez communities sharing software.
There is a great need for this type of protection which is why I want to use my knowledge in cracking software to give software developers or software entrepreneurs a way to protect their intellectual property against guys like me. :-)
I left a lot out of the idea to keep it safe but that was part of the idea was taking it to a different level along with my other ideas and making sure it was..First possible and Second to start the process of mapping out the entire solution and delivering it to the world.
I really appreciate your input and help by the way! :-)
Chris