We believe that technological enforcement of copy protection is not in the best interest of our customers.
We don't spend money and effort on marketing, complicated piracy protection, or other things that do not directly improve REAPER and the user experience.
atom wrote:Jules could you (in a moment of spare time) tell us about your struggle with those hackers that cracked Traktion, i mean what were your methods and how did they crack them. Just in general it sound interesting.
kurt6string wrote:What are the rest of you doing (or not doing) to protect your commercial applications?
chkn wrote:In the future the integrated code-signed app-stores in OSX/Windows will be much more importent. (If this is a good thing, is another story)
X-Ryl669 wrote:You can always use off-loaded registration like M$ does.
Basically, your code need to run some code that's directly downloaded from a server, and, in order to get such dynamic code, the software has to prove its genuine state to the server.
The checking code is now server based, and almost impossible to crack by hacker.
Obviously, the code sent by the server must be signed per-customer (and should do SHA256 checking of the software files / memory), so even if saved back by hacker while it reach his computer, it would be useless on a genuine copy.
This gives an additional advantage of knowing the size of your user base.
The *big* disavantage is that your server must be up 100% of the time (or you need to provide fallback in your software with missing functionnalities).
I even know people doing per-customer version of the software (that was generated while downloading the binary), so any crack would be useless.
I agree with Vincent however that if you intend to do something like this, you either have multi-month time to waste (and you should use that to improve your software) or already a very specific niche market and a glowing 6-digit bank account.
Daven wrote:So a hacker can buy a legit copy, gets the server code, does a memory dump, then what?
From my understanding, as long as there's a complete set of code that reaches a client system, and is runnable (i.e. decrypted), a cracker can repackage it removing the phone-home code and release a working standalone crack.
Daven wrote:Also, per-customer binaries don't offer protection - the cracker would just release the whole cracked executable rather than a patch or keygen - they'll just let you track the source of the crack, so you might be able to litigate.
Users browsing this forum: haydxn and 3 guests