Re: Software protection

clark wrote:
On 15 Apr 2006 08:04:15 -0700, johnrthomas756@xxxxxxxxxxx wrote:

Can anyone suggest or recommend methods of limiting software use to
licensed users of a software product?
[...]

http://www.strongbit.com/default.asp

The product is called EXECryptor

[...]
There are theoretical cracks out there for EXECryptor but so far no
one has proven they can unwrap a package, and the guys working on
breaking it are seriously good at peeling back the layers on just
about anything.

Not quite true ... In the last year, their crackme was cracked, an app
called Golden FTP Pro was unpacked/cracked with a detailed tutorial, and a
couple other EXECryptor programs were cracked (can't remember their names).
Admittedly, I'm not sure which version all these things were using, but past
crack rates are often a good indicator of future revisions. Execryptor
itself has been cracked a few times, though I can't recall if EXECryptor is
protected with itself or not. So it's certainly not unbroken.

However, there are a few things going for EXECryptor. The first is the code
morphing thingee. It generates excellent spaghetti code which makes
determining the algorithm next to impossible. So even simple or
cryptographically insecure algorithms can be used. The second is that,
despite the successes above, EXECryptor is still one of the most hated - if
not the most hated - protectors around. ASProtect is another more-famous
option that still seems to be giving crackers a lot of trouble (the 2.x
versions anyhow). Short of the top fraction of a percent of crackers going
for it to make a point, crackers see them and say "nah, can't be bothered"
and go find something easier to do. And there's nothing you can really do
about that last fraction of a percent anyhow (for example the crack of
Cubase SX3 - 10 man-months of work to break it according to the nfo).

Another feature they have, which is becoming unique in this world of
hugely long hard-to-type serial numbers is the ability to use very
short (12-16 characters) easy typing alpha-numeric serial numbers.

The algorithm they are using (IIRC) is a vanilla HFE-minus signature scheme
with selectable key lengths. IIRC HFE- is secure, though with such a small
signature birthday attacks are possible (which for software protection
schemes aren't a huge issue). One thing I would do before I bought it would
be to double-check that they have secured rights to use HFE (which has been
patented in the US and possibly other places).

[...]

So, yeah, another vote for EXECryptor, but I'd recommend checking out
ASProtect (version 2.x, I think it's called ASProtect SKE) as well.

--
Michael Brown
Add michael@ to emboss.co.nz ---+--- My inbox is always open


.

Relevant Pages

  • Re: Software protection against cracks and piracy
    ... if you think EXECryptor can be cracked please try to find though ... Claims of being invincible protection encourage crackers to do so, ... License Control Center to view the applications the Emu supports. ...
    (microsoft.public.vb.general.discussion)
  • Re: Software protection
    ... licensed users of a software product? ... The product is called EXECryptor ... ASProtect as well. ... The stuff from ASPACK has been successfully attacked again and again. ...
    (sci.crypt)
  • Re: Software protection
    ... The product is called EXECryptor ... Short of the top fraction of a percent of crackers going ... ASProtect as well. ... The stuff from ASPACK has been successfully attacked again and again. ...
    (sci.crypt)
  • Re: Need a license component
    ... About Themida I found this: ... What about EXECryptor on exetools.com forum there's just only hot air. ... still open question for crackers. ... StrongBit Team ...
    (borland.public.delphi.thirdpartytools.general)
  • Re: Software protection
    ... licensed users of a software product? ... The product is called EXECryptor ... called Golden FTP Pro was unpacked/cracked with a detailed tutorial, ... I'm not going to provide a direct link to the Golden FTP Pro tutorial, ...
    (sci.crypt)