Software Security

Tony Scharf tony.scharf at outlook.com
Tue Aug 17 17:45:01 CEST 2021


Agree completely.  From the user experience side (which is important) things like iLok are just going to create additional support headaches, and those support headaches will probably offset your loss in sales.

The best systems I’ve seen will rarely if ever phone home except when asked to for update purposes.

I know a guy that makes plugins for a living, and every time Apple released a new OS, they had to spend a lot of time updating their whole catalog to update the copy protection.  A few years ago, they decided to drop the copy protection, and it didn’t put a dent in sales, but made a huge impact on their available resources.

If you want, Matt, I can try to get you in touch with them.

Tony

Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows

From: Jammer<mailto:jammer at jammer.biz>
Sent: Tuesday, August 17, 2021 10:35 AM
To: Music-bar<mailto:music-bar at lists.music-bar.org>
Subject: Re: Software Security


BOOM.

Exactly this. I think people get really, REALLY convoluted in these things. All these crazy processes and obfuscation can introduce stability risks imho and for minimal real world gain. There isn't a system out there that hasn't been hacked. iLok et al are just silly imho.

At best you're just going to to try to keep people honest, the people that use cracked versions were unlikely to pay for it anyway.

Partial Key validation can be a good approach too.

I just wrote my own based around public / private keys. Wrote a little tool to query my sales back-end and automates producing a key and emailing it to the user. Email has a button to click that launches the app and stuffs the code in. They don't even have to type anything or even copy+paste anything (unless it's web based email client). I also didn't want the user to *have* to have an internet connection, nor any calling home.

Horses for courses though.
On 17/08/2021 16:14, Joost Schuttelaar wrote:

On 17 Aug 2021, at 16:07, Matt Picone <matt at mysticworks.com><mailto:matt at mysticworks.com> wrote:



Does anyone here have skills or know anyone who is strong in the area of development around audio software anti piracy?



No expertise, but a very interesting topic!



Aren’t most copy protection schemes quite trivial to break these days, when Mac’s for instance enforce memory as non-executable, and have features like address space randomization on by default? I remember that things like iLok basically do tons of self inspections to see if code was modified, right?



I think the best copy protection schemes are: user loyalty, some quite useful cloud features and frequent updates (just make it hard to stay up to date…)



Cheers,


--
Jammer
WWW.JAMMER.BIZ<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.jammer.biz%2F&data=04%7C01%7C%7C1d31709880ec4ba3a52608d961948ed4%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637648113100355766%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=NvSv8Gg0BJOTPLSo%2FRbV4jxL8CIA%2FyLwBbSQDQgX5dA%3D&reserved=0>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.music-bar.org/pipermail/music-bar/attachments/20210817/2a97b1d2/attachment-0001.htm>


More information about the music-bar mailing list