Re: Cracks/Key Generators

From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 10/20/04

  • Next message: Wolfgang.Schelongowski_at_gmx.de: "Re: SSHD fatal mkstemp" 
    Date: 20 Oct 2004 18:36:16 GMT

    In article <547d92f1.0410200600.2e3257ee@posting.google.com>,
    karan <karan@iitk.ac.in> wrote:
    :Well,please elucidiate now that the question is clear.I have no
    :knowledge of cracks/keygens etc. How do they work?? Can it be
    :prevented?

    key-generators work by someone reverse-engineering your code,
    figuring out what data you manipulate to authenticate that a
    key is an authorized key, and writing a program to create those
    kinds of keys. The only way to prevent them is to not allow
    anyone outside your control to run your program (such as if
    all the real work of the program was done on a machine under your
    control, with what the user gets being merely an interface to
    talk to your program.)

    cracks work by someone reverse-engineerign your code,
    figuring out the point at which you make the decision as to
    whether the user is authorized or not, and altering the program
    binary at that point so as to use slightly different machine
    instructions that ignore the result of the authorization test
    and instead always take the "user was authorized" code branch.
    The only way to prevent them is to not allow anyone outside your
    control to have access to your program, just like above.

    :In reference to your previous post , what is a 'pad'?

    A 'pad' is a one or more pieces of paper loosely bound together but
    from which individual pieces may be easily removed from the top, with
    the pages either already written on, or else blank so that someone can
    write whatever they want on them. A modern example is a fresh stack
    of PostIt Notes (R).

    But that was the wrong question. What you want to know is what a
    'one-time pad' is. Put the phrase into your favorite search engine
    and read up on the topic. 

    -- 
What is "The Ultimate Meme"? Would it, like Monty Python's
"The World's Funniest Joke", lead to the deaths of everyone who
encountered it? Ideas *have* lead to the destruction of entire cultures.
   -- A Child's Garden Of Memes
  • Next message: Wolfgang.Schelongowski_at_gmx.de: "Re: SSHD fatal mkstemp"

    Relevant Pages

    • Re: Authentication from Active Directory and Database based user d
      ... coding jsp struts I'm sure there was a tag you placed around a control ... If you configure IIS to only use Windows integrated authentication for your ... you'll only need to worry about authorization based on assigned roles. ... I'm writing a web system ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: SetFocus in Form Undo event
      ... How does a user cancel an order or carry out the undo - how many different ... Certain suppliers require authorization, but most do not. ... relevant control unless authorization is actually required. ...
      (microsoft.public.access.formscoding)
    • Re: SetFocus in Form Undo event
      ... best for this), if it's value after undo is the same as its OldValue, then ... If the order requires authorization, ... there are no bound controls that I can guarantee would have ... I can't do this if the control has the focus, ...
      (microsoft.public.access.formscoding)
    • RE: Yet another thread on the legality of port scanning
      ... requires authorization should explicitly advertise the requirement for ... you must implement a mechanism of locking the door. ... The analogy of a port ... The access control mechanism implemented to control access would be ...
      (Security-Basics)