views:

174

answers:

3

I am writing a piece of software in C++ which is targeted at a market in which software is traditionally heavily cracked (or at least, attempted to be). I realise that nothing can be completely protected, however I feel that trying would be a good idea and also I think some of the specifics of the situation that I'm in might be helpful.

Firstly, it would not be annoying to the user that they must have an internet connection to use the software. I hate it when games etc. do this too, but the software requires an internet connection to function anyway due to its purpose, so this wouldn't hinder a normal user.

Secondly, it depends fairly heavily on external scripts written by me and/or supplied by third-parties, so I can have these stored on some website somewhere meaning that people who crack the software will have to also track down new copies of the scripts, which may annoy them into becoming legit.

Thirdly, new versions will, by definition due to what the app does, have to be released very often, weekly or every two weeks max. The program will obviously have an autoupdater, but since I am churning out (required to function) updates so often, any sort of key-based encryption or whatever could possibly have the keys/method change every update, and I am capable of breaking existing cracks when they do happen.

Does anyone know of any available solutions or techniques I could implement which fit the bill?

+1  A: 

I've previously used CrypKey successfully.

Mitch Wheat
+5  A: 

If you application is doing some sort of data processing or analysis, you can protect it by putting that part into a web service (maybe in a cloud) that your client application connects and authenticate to and then receive results from. So even if your client application is reversed engineered, it would be missing that important piece of processing.

If your application is web based, you get the same effect too.

tgiphil
A: 

I'm going to guess that older copies of the software are far less useful than the latest copy.

If that's the case, then you already have a powerful anti-cracker technology in place: your update mechanism. When you become aware of a hacked version of your software, then you can immediately check for it, and cause trouble for users of the hacked software.

Chip Uni
"Cause trouble"? You aren't planning on violating any laws or morals by damaging their equipment, are you? Even giving faulty results can backfire in a *huge* way: a bug leads to a paying customer being falsely detected; you didn't like working there anyway, right? A straight-forward "There is a problem (don't even mention cracking), contact Bob at 1-800-..." avoids this, and I bet you 99.9% of users that didn't pay for the software will never contact you.
Roger Pate