I'm planning to develop a .NET application using C#, in order to sell it as
a shareware and/or as a full package, so I'll need a good way to protect it
against piracy. I know some ways to protect it (activation, serial keys,
etc.), but my concern is: how can any copy protection mechanism work when
you can always disassemble it and read the source code? Even if I use a
native C++ DLL for my copy protection, the point where it's called from the
C# code can always be found.
Any good tips about this?
Thanks
Massimo 75 8267
Use a good obfuscator. It will atleast make it tough to disassenble.
I have benn using one from wiseowl and it seems to work pretty good.
Naveen Kohli http://www.netomatix.com
"Massimo" <ba****@mclink. it> wrote in message
news:%2******** ********@TK2MSF TNGP10.phx.gbl. .. I'm planning to develop a .NET application using C#, in order to sell it as a shareware and/or as a full package, so I'll need a good way to protect it against piracy. I know some ways to protect it (activation, serial keys, etc.), but my concern is: how can any copy protection mechanism work when you can always disassemble it and read the source code? Even if I use a native C++ DLL for my copy protection, the point where it's called from the C# code can always be found. Any good tips about this?
Thanks
Massimo
Massimo <ba****@mclink. it> wrote: I'm planning to develop a .NET application using C#, in order to sell it as a shareware and/or as a full package, so I'll need a good way to protect it against piracy. I know some ways to protect it (activation, serial keys, etc.), but my concern is: how can any copy protection mechanism work when you can always disassemble it and read the source code? Even if I use a native C++ DLL for my copy protection, the point where it's called from the C# code can always be found. Any good tips about this?
Yes - don't worry. Obfuscate your code if you particularly want to, but
I wouldn't bother going any further than that unless you're *really*
sure that:
a) There'll be lots of demand for pirate copies
b) There'll be technically competent people who are willing to spend
time decompiling your obfuscated code
--
Jon Skeet - <sk***@pobox.co m> http://www.pobox.com/~skeet
If replying to the group, please do not mail me too
You can check into obfuscating. But depending on the obfuscator, that might
not buy you much. Getting thru obfuscated code can be simple: http://www.atrevido.net/blog/PermaLi...b-fcc15eb297c3
The real way is to use a tool that does a lot more than just simple naming
obfuscation (say, type obfuscation as well, call obfuscation), encrypts your
assembly, and then, write really messed up code for the critical part. For
instance, you might try some tricks to fake your stack trace, use multiple
threads, etc. in the "serial checking" part.
Also remember, if there's demand, people will get through and crack your
app. Even MS Window's activation has been cracked (and the Windows
programmers are extremely intelligent).
--
Michael Giagnocavo
MVP www.atrevido.net
"Massimo" <ba****@mclink. it> wrote in message
news:%2******** ********@TK2MSF TNGP10.phx.gbl. .. I'm planning to develop a .NET application using C#, in order to sell it as a shareware and/or as a full package, so I'll need a good way to protect it against piracy. I know some ways to protect it (activation, serial keys, etc.), but my concern is: how can any copy protection mechanism work when you can always disassemble it and read the source code? Even if I use a native C++ DLL for my copy protection, the point where it's called from the C# code can always be found. Any good tips about this?
Thanks
Massimo
Very true. Just some random thoughts. I got to the point where all the fancy
stuff is a waste of time if your protecting against code modification or
round-tripping. You can use threads, jumps, or Egyptian carrier pigeons to
confuse, but it normally all comes down to one single "if" statement to
continue. This is one way to even get around RSA...just walk around it.
You can obfuscate to help keep logic and secrets hidden so they ~can't
generate external key gens or repro your license stuff, but if they will mod
the code, then none of that really matters. So your really protecting again
those that don't/can't mod the code - the others you can't really stop (not
even with smartcards, strong names, etc.). Most of your protections will be
in a single constructor, so not too hard to drill in on that. In this case
obfuscation still helps a bit as it makes it harder to figure out where/what
to mod the code(hopefully) . Some obfuscators also help prevent ildasm to
raise the bar even farther.
--
William Stacey, MVP http://mvp.support.microsoft.com
"Michael Giagnocavo [MVP]" <mg*******@atre vido.net> wrote in message
news:er******** ******@tk2msftn gp13.phx.gbl... You can check into obfuscating. But depending on the obfuscator, that
might not buy you much. Getting thru obfuscated code can be simple: http://www.atrevido.net/blog/PermaLi...b-fcc15eb297c3 The real way is to use a tool that does a lot more than just simple naming obfuscation (say, type obfuscation as well, call obfuscation), encrypts
your assembly, and then, write really messed up code for the critical part. For instance, you might try some tricks to fake your stack trace, use multiple threads, etc. in the "serial checking" part.
Also remember, if there's demand, people will get through and crack your app. Even MS Window's activation has been cracked (and the Windows programmers are extremely intelligent).
-- Michael Giagnocavo MVP www.atrevido.net
"Massimo" <ba****@mclink. it> wrote in message news:%2******** ********@TK2MSF TNGP10.phx.gbl. .. I'm planning to develop a .NET application using C#, in order to sell it as a shareware and/or as a full package, so I'll need a good way to protect it against piracy. I know some ways to protect it (activation, serial keys, etc.), but my concern is: how can any copy protection mechanism work when you can always disassemble it and read the source code? Even if I use a native C++ DLL for my copy protection, the point where it's called from the C# code can always be found. Any good tips about this?
Thanks
Massimo
"William Stacey [MVP]" <st***********@ mvps.org> ha scritto nel messaggio
news:em******** ******@TK2MSFTN GP14.phx.gbl... Very true. Just some random thoughts. I got to the point where all the fancy stuff is a waste of time if your protecting against code modification or round-tripping. You can use threads, jumps, or Egyptian carrier pigeons to confuse, but it normally all comes down to one single "if" statement to continue.
That's exactly my point of view on the subject.
So, in a higly disassemblable environment such a .NET (or Java, for that
matter), isn't there any way to really protect applications against piracy?
Massimo
Massimo <ba****@mclink. it> wrote: "William Stacey [MVP]" <st***********@ mvps.org> ha scritto nel messaggio news:em******** ******@TK2MSFTN GP14.phx.gbl...
Very true. Just some random thoughts. I got to the point where all the fancy stuff is a waste of time if your protecting against code modification or round-tripping. You can use threads, jumps, or Egyptian carrier pigeons to confuse, but it normally all comes down to one single "if" statement to continue.
That's exactly my point of view on the subject. So, in a higly disassemblable environment such a .NET (or Java, for that matter), isn't there any way to really protect applications against piracy?
Well, there's protection and there's protection. There's no foolproof
way of protecting software whether it's Java or native code. You can
make things harder by using an obfuscator, but if the code is going to
run on a user's box, that user can (with appropriate skill) work out
what it's doing.
Usually, however, the concept behind a piece of software (which is
plainly visible anyway) is more important than the implementation, IMO.
--
Jon Skeet - <sk***@pobox.co m> http://www.pobox.com/~skeet
If replying to the group, please do not mail me too
You can skip MSIL and compile directly to machine code if you want. In
fact, you can obfuscate and then compile to machine code for double
protection. You don't have to release your program in MSIL. However, if
you do go straight to machine code then you will loose the cross platform
benefits of MSIL. That means you will have to complie separate assembiles
for PC, MAC and so on.
-Robby
"Jon Skeet [C# MVP]" <sk***@pobox.co m> wrote in message
news:MP******** *************** *@msnews.micros oft.com... Massimo <ba****@mclink. it> wrote: "William Stacey [MVP]" <st***********@ mvps.org> ha scritto nel messaggio news:em******** ******@TK2MSFTN GP14.phx.gbl...
> Very true. Just some random thoughts. I got to the point where all the > fancy > stuff is a waste of time if your protecting against code modification > or > round-tripping. You can use threads, jumps, or Egyptian carrier > pigeons > to > confuse, but it normally all comes down to one single "if" statement to > continue.
That's exactly my point of view on the subject. So, in a higly disassemblable environment such a .NET (or Java, for that matter), isn't there any way to really protect applications against piracy?
Well, there's protection and there's protection. There's no foolproof way of protecting software whether it's Java or native code. You can make things harder by using an obfuscator, but if the code is going to run on a user's box, that user can (with appropriate skill) work out what it's doing.
Usually, however, the concept behind a piece of software (which is plainly visible anyway) is more important than the implementation, IMO.
-- Jon Skeet - <sk***@pobox.co m> http://www.pobox.com/~skeet If replying to the group, please do not mail me too
"Robby" <ed****@not.my. email.com> ha scritto nel messaggio
news:Ot******** ******@TK2MSFTN GP12.phx.gbl... You can skip MSIL and compile directly to machine code if you want. In fact, you can obfuscate and then compile to machine code for double protection. You don't have to release your program in MSIL. However, if you do go straight to machine code then you will loose the cross platform benefits of MSIL. That means you will have to complie separate assembiles for PC, MAC and so on.
Didn't know about this; how can I generate machine code? I was talking about
a Windows application here.
Massimo
"Jon Skeet [C# MVP]" <sk***@pobox.co m> ha scritto nel messaggio
news:MP******** *************** *@msnews.micros oft.com... Usually, however, the concept behind a piece of software (which is plainly visible anyway) is more important than the implementation, IMO.
I agree on this, but I'm not talking about protecting intellectual rights
(i.e. algorithms), but the software itself, which can be easily copied.
Massimo This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Jose Jimenez |
last post by:
Hi Folks I wonder if somebody can help me to copy protect a C program that
runs under ms-dos compilated with djgpp... and gcc
I have seen www.sofpro.com for references but the software has several
weakness
thanks in advance for any help
|
by: Massimo |
last post by:
I'm planning to develop a .NET application using C#, in order to sell it as
a shareware and/or as a full package, so I'll need a good way to protect it
against piracy. I know some ways to protect it (activation, serial keys,
etc.), but my concern is: how can any copy protection mechanism work when
you can always disassemble it and read the source code? Even if I use a
native C++ DLL for my copy protection, the point where it's called from...
|
by: John Dann |
last post by:
Seems like the copy protection (ie licensing/antipiracy) tool that I
used with VB6 isn't very compatible with VB.Net. Anyone have a
recommendation for one that works well with VB.Net applications? Only
basic protection is really needed, so simple to use and cheap are more
important than absolute protection.
JGD
|
by: Pioneer |
last post by:
Hi,
I would be installing a desktop application on a standalone PC.
How do I make sure that owner should not be ableto copy that and/or
give it to other folks.
In short, how to build measures to avoid piracy?
User ID/Password is one of the ways. But that can anyway be shared.
Thansk for your inputs.
Regards,
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |