1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

.NET Anti Piracy Code?

Discussion in 'General Programming Chat' started by GoogleBling, Feb 6, 2010.

  1. GoogleBling

    GoogleBling Registered Member

    Joined:
    Jan 28, 2009
    Messages:
    94
    Likes Received:
    9
    I am thinking of releasing a couple of my tools to a few people and I want something to stop them being passed about.

    Rather than try and re-invent the wheel, is there something free that I can bolt onto a .net app to achieve this?

    It doesn't have to be the most air tight system in the world, just enough to make things difficult.
     
  2. viracide

    viracide Registered Member

    Joined:
    Oct 12, 2008
    Messages:
    66
    Likes Received:
    14
    Maybe make it only able to run off certain computer names. Or put a serial key generated off of hardware IDs.

    If computername = "computer" then
    blah
    end
     
  3. erroronline14

    erroronline14 Regular Member

    Joined:
    Oct 16, 2009
    Messages:
    321
    Likes Received:
    922
    One more thing.. obfuscate your code. .net applications can be decompiled easily.
     
  4. mline

    mline Newbie

    Joined:
    Jan 30, 2010
    Messages:
    49
    Likes Received:
    18
    The only way to guarantee your tools from being cracked and distributed is to either not give them to anyone at all, or to only share them with people you actually trust. No anti-piracy code can be anywhere near unbreakable. And, I have to say, the general embrace that the black hat community has of "cracked" software is what keeps programmers, especially highly skilled ones, from releasing software. It's really a shame. Because what are publicly available as far as tools are generally laughable things using web browser controls and such shenanigans.

    Though, like error pointed out, obfuscate! That's, at least, your first line of defense. You don't want people just busting out a reflection tool and reading all of your source line for line ;) Or reflecting into you exe from their own program, etc.
     
    Last edited: Feb 14, 2010
  5. johnsmith21

    johnsmith21 Newbie

    Joined:
    Sep 23, 2009
    Messages:
    18
    Likes Received:
    6
    I think it is better to look at piracy the same way as hacking protection. If you make it expensive/time consuming to get the same quality software as buying it, people will just end up buying it. If it is very quick for me to crack then I might look at it, but if there is going to much time involved with not much guarantee that I will end up with stable software - I will buy it.

    What software do people buy rather than crack? Apps like SENuke - as it needs to be updated all the time as web 2.0 properties keep being added. Market Samurai - as they keep adding new shit that I don't want to miss out on. Look at other apps and see why black hatters buy instead of crack.

    You could have the app call home on load, using a changing algo to defeat localhost cracks, etc...

    You also need to ask yourself what market you are aiming the app at and whether they know what a crack actually is. Might be such a small percentage, no need to even bother with securing it .

    Obfuscating it is quick and easy so you might as well do this as part of any release.
     
  6. blazen

    blazen Regular Member

    Joined:
    Mar 8, 2008
    Messages:
    471
    Likes Received:
    147
    The best way to prevent your software from being cracked is not to give them out at all. Look at how the top softwares from Microsoft, Adobe, etc get cracked quickly all the time, so something free definitely will not stop crackers.
     
  7. mline

    mline Newbie

    Joined:
    Jan 30, 2010
    Messages:
    49
    Likes Received:
    18
    If the goal is creating a business of marketing a specific software bundle, suite or tool set that may apply. But in my anti-cracking remarks I was mostly focusing on more custom, one-off software. It seemed that was more the nature of the original question; that he had already developed some tools and wanted to do a limited release. Though I could easily be wrong. It's just that as good as programs like senuke and clad and all of those things seem, there are much better custom solutions out there. I think, well know, really, as a developer, a lot of people that develop really high level custom software would be more apt to offer more access to said software if it weren't for the intense level of cracking that goes on in the bh community. I'm not passing judgment. I understand the desire to get something for free rather than have to pay for it or code it yourself. I think a lot of people get their start that way. I did all those years ago. I'm just pointing out an observation.

    /thread jack
     
    Last edited: Feb 15, 2010
  8. mline

    mline Newbie

    Joined:
    Jan 30, 2010
    Messages:
    49
    Likes Received:
    18
    There are a lot of pretty simple batch files that can change most of those values, especially HDD ID.
     
  9. germ

    germ Registered Member

    Joined:
    Jan 1, 2007
    Messages:
    57
    Likes Received:
    4
    Occupation:
    Affiliate Manager for CPAProsperity.com
    Home Page:
    As someone that's used mline's software for the better part of a decade now, I can vouch that the difference between what's available to the public and what's available in private is night and day. Any developer worth his salt would be insane to code and release/sell software that turns a hefty profit to the general public because 9 times out of 10, it'd be cracked within a week, handed out to all sorts of idiots, and the method ruined for everyone.

    The return on investment just isnt there when it comes to selling GOOD software. Keep in mind that nothing I've ever come across in the general realm would be considered GOOD software versus the custom solutions I've been using for most of my career.

    It's kinda sad, really. If people weren't so quick to steal from the hardworking developers that put insane amounts of time and work into their software, the quality developers might be more apt to release their tools.
     
  10. viracide

    viracide Registered Member

    Joined:
    Oct 12, 2008
    Messages:
    66
    Likes Received:
    14
    @mline
    But I don't believe they would know that the key is generated based on that ID. Also it was just an example of what he can generate the serial from.
     
  11. richjerkoff

    richjerkoff Junior Member

    Joined:
    Apr 7, 2008
    Messages:
    159
    Likes Received:
    79
    Location:
    UK
    I am fascinated by what @mline and @germ had to say.

    I understand that the real smart cookies don't use off-the-shelf software which every tom,dick and harry has. I also understand why they don't let tom,dick and harry have access to such powerful software.

    The software tools that are publicly available always seem to lack certain desirable features or are buggy as hell, which why they are sold at a low price to the masses. It must be great to have something custom designed that nobody else has and works well.

    It's like comparing a Rolls Royce to an old banger.
     
  12. mline

    mline Newbie

    Joined:
    Jan 30, 2010
    Messages:
    49
    Likes Received:
    18
    amen, brother :beerchug:

    That I can most definitely attest to. I see some tools for sale by some sites for, let's say $50 and wonder why they aren't selling it for at least $500. Then I download and demo and find out. I don't release a tool or suite to my partners unless it has been rigorously debugged to the ends of hell lol. Generally any fully automated system I, or a good few other fairly high level developers I've had the pleasure to work with over the years, will run, multi-threaded for up-times that can be measured in weeks and months. Then you see platforms for sale getting into the $1000 area. They should be selling for 10 times more, and if made properly and less...well, whored out, would return your investment in 2 weeks tops. I have been toying with the idea of making some of mine and my partner's software available as invite only web services with some method of payment based on usage amount. Though, for now, that's just more just a musing. Mostly I think it would just be amazingly fun designing its architecture.
     
    Last edited: Feb 15, 2010
  13. pyronaut

    pyronaut Executive VIP

    Joined:
    Dec 9, 2008
    Messages:
    1,229
    Likes Received:
    1,423
    If your releasing to a few people, why not just make them your friends and tell them to not hand them out? Unless you dont trust your friends?

    If you have a proper version of Visual Studio, it comes with Dotfuscator built in (you can get it separately aswell).

    Use this and obfuscate your code. For the most part its not going to do much, i mean... People can still use it. The biggest thing is people just install xammp and get around whatever web calls you may use. So that stuffs up everything.

    If you get the full version of dotfuscator, it also obfuscates strings, which is a small help when people are using reflection to read your code.

    The biggest thing i can say, is if your selling software. Keep updating. Keep changing the callbacks to a different URL, a different website, requesting different things. And then it just becomes a chore for people to work out what you changed. You have to remember aswell, ONE person cracks it, then 100 people use it. If you change one tiny thing, that ONE person has to crack it. Mean while those other 100 people just sit there whining and will eventually buy.
     
  14. smack

    smack Junior Member

    Joined:
    Feb 1, 2010
    Messages:
    182
    Likes Received:
    78
    Occupation:
    Software Engineer/Evil Genius
    Location:
    inside .NET
    the devil is always in the details. your vetting process for software is orders of magnitude above most other people i have dealt with. glad to see you can put your OCD to such positive use. ;)

    cracking really is a challenge for individuals or small teams in our industry. i've seen more good software get beat out by being stolen or cracked than i care to recall. consequently this is also why i rarely do any outside projects, the risk of your work getting plastered all over existence is just too high. the time constraints of adding proper and comprehensive copy protection are great as well and that has to be considered with the caveat that nothing is ever 100% secure. if large corporations like microsoft and adobe with millions of dollars and teams of people brighter than i am can't get something a 17 year old with a few basic tools can't break my chances are abysmally slim.

    another thing to consider is that the poorer quality software tools related to our industry tend to use a ham fisted tactic to accomplish their means. there is something to be said about using a light touch with a bit of finesse to make your money. it attracts much less attention making your life easier in the long run. so combine brute force with widespread distribution and you get problems.

    that's why having a SaaS style solution is so appealing. not only can you control distribution but also volume, this let's you dictate the influx of advertising while guaranteeing your service fee.