Software Security

James Coplin james at ticalun.net
Tue Aug 17 17:56:56 CEST 2021 

What Tony says. I remember a Cubase crack from around a decade ago I think where the crackers said that about *half* the code base was calls to the USB hardware key. That's nuts from both a performance and maintanence perspective. Steinberg has announced they are moving away from hardware protection now. Slow lesson, long coming, but I suspect much better for everyone in the long run.

James

On Aug 17, 2021, 10:45 AM, at 10:45 AM, Tony Scharf <tony.scharf at outlook.com> wrote:
>Agree completely.  From the user experience side (which is important)
>things like iLok are just going to create additional support headaches,
>and those support headaches will probably offset your loss in sales.
>
>The best systems I’ve seen will rarely if ever phone home except when
>asked to for update purposes.
>
>I know a guy that makes plugins for a living, and every time Apple
>released a new OS, they had to spend a lot of time updating their whole
>catalog to update the copy protection.  A few years ago, they decided
>to drop the copy protection, and it didn’t put a dent in sales, but
>made a huge impact on their available resources.
>
>If you want, Matt, I can try to get you in touch with them.
>
>Tony
>
>Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for
>Windows
>
>From: Jammer<mailto:jammer at jammer.biz>
>Sent: Tuesday, August 17, 2021 10:35 AM
>To: Music-bar<mailto:music-bar at lists.music-bar.org>
>Subject: Re: Software Security
>
>
>BOOM.
>
>Exactly this. I think people get really, REALLY convoluted in these
>things. All these crazy processes and obfuscation can introduce
>stability risks imho and for minimal real world gain. There isn't a
>system out there that hasn't been hacked. iLok et al are just silly
>imho.
>
>At best you're just going to to try to keep people honest, the people
>that use cracked versions were unlikely to pay for it anyway.
>
>Partial Key validation can be a good approach too.
>
>I just wrote my own based around public / private keys. Wrote a little
>tool to query my sales back-end and automates producing a key and
>emailing it to the user. Email has a button to click that launches the
>app and stuffs the code in. They don't even have to type anything or
>even copy+paste anything (unless it's web based email client). I also
>didn't want the user to *have* to have an internet connection, nor any
>calling home.
>
>Horses for courses though.
>On 17/08/2021 16:14, Joost Schuttelaar wrote:
>
>On 17 Aug 2021, at 16:07, Matt Picone
><matt at mysticworks.com><mailto:matt at mysticworks.com> wrote:
>
>
>
>Does anyone here have skills or know anyone who is strong in the area
>of development around audio software anti piracy?
>
>
>
>No expertise, but a very interesting topic!
>
>
>
>Aren’t most copy protection schemes quite trivial to break these days,
>when Mac’s for instance enforce memory as non-executable, and have
>features like address space randomization on by default? I remember
>that things like iLok basically do tons of self inspections to see if
>code was modified, right?
>
>
>
>I think the best copy protection schemes are: user loyalty, some quite
>useful cloud features and frequent updates (just make it hard to stay
>up to date…)
>
>
>
>Cheers,
>
>
>--
>Jammer
>WWW.JAMMER.BIZ<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.jammer.biz%2F&data=04%7C01%7C%7C1d31709880ec4ba3a52608d961948ed4%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637648113100355766%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=NvSv8Gg0BJOTPLSo%2FRbV4jxL8CIA%2FyLwBbSQDQgX5dA%3D&reserved=0>
>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>music-bar mailing list
>music-bar at lists.music-bar.org
>http://lists.music-bar.org/cgi-bin/mailman/listinfo/music-bar
>
>Listen to Music-Bar Radio! <http://www.music-bar.org/radio.html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.music-bar.org/pipermail/music-bar/attachments/20210817/241312b8/attachment.htm>

More information about the music-bar mailing list