antiwa1.htm: Rob's (and others) <b>views on software protection</b>: a game of lesser and lesser returns for time invested

Back to protec

1 June 1999
views on software protection (by Rob and others): "a game of lesser and lesser returns for time invested.
There are always going to be those with more time on their hands than you have, who crack it"
read and enjoy!

Rob ~ Devin

Courtesy of fravia's searchlores

Rob
I really don't think you need to know much (if anything) about assembler to do well in shareware (and make a good living for that matter) and make adequate protection.

There are several levels of protection, each with their own tradeoffs in time spent on making it, and protection they offer (balanced with the level of protection you need, something much overlooked!). To take my own software: It has some protection, one needs a registration key to make it work. There have been key generators out for it for ages, yet my sales have only gone up over the years and I certainly can't complain. The moral of this story is that I believe a bit of protection can go a long way in that it makes people think of registering and lots of them actually will. This in contrast to having no protection at all. Others have experimented with releasing the exact same program through different channels with the only difference being one stopped working after a while (and needed a key), the other just had nag screens telling users they really should register by now. Turned out most people will not register unless there is a compelling reason to do so (ie. it stops to work and they need a key). Of course, a number of those in need of a key will get it from a warez site, but my own experience shows there's still a large group that'll buy a key.

I'm moving to what I see as the next level of protection, making it hard to make key generators, and building in ways to block stolen keys in subsequent releases. This can be done using public key encryption, and doesn't require assembler at all. The consequence is that to crack the program the warez scene has to bring out patches rather than just release keys. This is a whole different ballgame, and far fewer user will want to run a patch vs. typing in a fake key.

Beyond this one can add more and more code to make debugging/disassembling/patching the software harder and harder. While interesting, this is a game of lesser and lesser returns for time invested. There are always going to be those with more time on their hands than you have, who crack it. Personally I'm more interested in spending that time in furthering my business, and believe that yields more (monetary) returns when compared to spending it on coding the ultimate protection.

There you have it! My views on software protection. Of course, feel free to disagree...

Rob
-/-

Devin
I work as a programmer in a large company with several hundred employees, I have briefly mentioned cracks around the office, I have found that most people don't even know what it means.
They think you're talking about some kind of drug.

The few that have heard the term told me it wasn't worth the bother to try to find a crack. They'd just rather pay for it and be done. I know maybe three people in our company who look for cracks.

From what I've been told some people spend days and weeks even looking for crack for $15.00 shareware program. Now when you consider that the guys are making 30plus an hour it sorta of doesn't make sense does it?

For the most part, most people I know say programs are cheap enough that the time searching for a crack especially if its going to take a long time just isn't worth it.

Frankly I think the time spent on writing better protection would be more helpful than trying to shut down a crack site for a few days and we all know that's all you will succeed in doing.

I don't think its worth the effort. Better to spend the time on making a better program with a tougher code to crack.

Devin