Nadav Har'El wrote on 2003-08-20: > > I don't see what can you gain from the cryptography here. > I meant that it doesn't help much against cracking with an assembler debugger; I agree that it's a stronger obfuscation against less determined users.
> Well, the idea with signed license files is that you don't need to send > the user a new program - only a tiny license file - when they acquire a > new license. > Now that I think of it, all shareware/crippleware programs use some sort of "cryptography" do tell apart valid keys from invalid ones, it's just that most don't use strong cryptography and are easily defeated by simple "key generators". > The user also doesn't need to be online to use this license > (according to Murphie, you end up needing to use your license > exactly when your network connection is down :( ). Law of copy protection: The effectiveness of any such scheme is bounded by O(log(user inconvenience)). Trivial key-based protections are broken by somebody publishing his license key online and all the world using it for all their copies. So it's only worth anything at all if it's personalized in some way. If you take the timestamp when the license is issued, you are too easily fooled by moving the clock (or just somebody posting a new license file once a month). If you take the ethernet card number, users without cards or switching them will be outraged (and you can still be fooled by mis-reporting the card number through some LD_PRELOAD hacks or DLL/VXD equivallents). No way round the above law... -- Beni Cherniavsky <[EMAIL PROTECTED]> A word of warning about matrices - *each column must have the same number of elements in it*. The world will end if you get this wrong. -- EQN user manual, Brian W. Kernighan & Lorinda L. Cherry ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
