You might want to be aware that the PalmPass Piracy program includes (very long) patches for some of your apps. George > I dare to say that your conclusions are wrong: > 1. It's not a protection if it can be breaked by patching a single > opcode. There should be no check: true or false. You should use a > submitted info (syncName or FlashID) as a key or password to decrypt > a vital information, eg initiating the code. > 2. Flashable - why can't your application be located in Flash and use > dynamically allocated memory or even stack to copy crypted code > there, decrypt it and make a call. > Again you can find an illustration on http://klyatskin.da.ru Code is > flashable while it is crypted and self-modifying. > > I do advise you to have a look at > > http://x4.dejanews.com/=hotbot/getdoc.xp?AN=464434822&CONTEXT=92522056 > 8.1207566347&hitnum=10 > > there is my reply to some opponents. You could find it to be useful. > > Regards, > Constantine > http://klyatskin.da.ru > ---------------------------- > Date: 27 Apr 1999 08:55:00 -0700From: Richard Hartman > <[EMAIL PROTECTED]> > Subject: RE: FYIAt the end of almost all protection schemes will > be a test -- did (whatever algorithm I chose) pass > or fail. You don't have to attack, or even understand, > the protection algorithm used if you can just change > the sense of that test by patching one opcode. > Of course, the protection mechanism could work > by actually encrypting the code and get around > that hole -- but then it would not be flashable > --------------------------- > > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com >
