LiveCode Forums.

Do most of the Exe protection software programs out there like Armadillo, ASProtect, PC Guard work with Rev created executables?


It looks like PC Guard says right on their site it works with rev created apps, but I found there Demo warning dialog to be very non Customer friendly, doesn't even have place to put a link to your site where customer can purchase the serial needed (Isn't that the whole point, to sell the software). It looks like it has API and a DLL you can call, to make your own custome interfaces, but thats a little out of my league ond timeframe right now. Though if anyone has a library or plug in the made to work with PC Guard I would be most grateful, as PC Guards protection and functions do look good.

Hi Keyless,

I have always made my own installers and license mechanisms. This is relatively simple to do and since you have bought Revolution already, why spend money on another tool? If you make your own, you can make it exactly the way you want.

Best,

Mark

Hi keyless

Here's a site which you might find useful:

http://www.kagi.com/index.php

Best regards

Mark wrote:Hi Keyless,

I have always made my own installers and license mechanisms. This is relatively simple to do and since you have bought Revolution already, why spend money on another tool? If you make your own, you can make it exactly the way you want.

Best,

Mark

Yes I agree that is probably the best way to go, there is however one side to this particular project not done in rev and it will need protection too. I will kill 2 birds if I can get a of the shelf system to work with rev.

As it stands I could not get Armadillo to work with Rev made EXE, tried all kinds of settings.

PCGuard works, but the default interface leaves much to be desired. There are ways to create custom interfaces or call, but it looks like it involves.
using calls to GetEnvironmentVariable() Windows function (Win32 API). Is it possible to use this froma Rev app?

there also looks to be a Dll and lib, but I assume that unless I can access them form console I'm out of luck.

I might try downloading VS Express and try and create a interface, help file makes it seem like it is just creating a form with proper control ID's and saving as a exe or dll.

Dear Keyless,

You might store that non-Rev side of your project in a custom property of a stack and use a script to install the necessary components.

Best,

Mark

keyless wrote:

Mark wrote:Hi Keyless,

I have always made my own installers and license mechanisms. This is relatively simple to do and since you have bought Revolution already, why spend money on another tool? If you make your own, you can make it exactly the way you want.

Best,

Mark

Yes I agree that is probably the best way to go, there is however one side to this particular project not done in rev and it will need protection too. I will kill 2 birds if I can get a of the shelf system to work with rev.

As it stands I could not get Armadillo to work with Rev made EXE, tried all kinds of settings.

PCGuard works, but the default interface leaves much to be desired. There are ways to create custom interfaces or call, but it looks like it involves.
using calls to GetEnvironmentVariable() Windows function (Win32 API). Is it possible to use this froma Rev app?

there also looks to be a Dll and lib, but I assume that unless I can access them form console I'm out of luck.

I might try downloading VS Express and try and create a interface, help file makes it seem like it is just creating a form with proper control ID's and saving as a exe or dll.

@gyroscope - Yeah I've found a couple of payment services that do it like that, that is precisely how I want to distribute, trouble is that is not what most of the Protection Software companies are into now, they are more into Web Activation these days. Hate that makes one feel like the glory days of Shareware are over.

I've even come across a couple of shareware's trial maker apps, that did procisely what I want, only to fine the makers websites gone (vapor ware)

Mark wrote:Dear Keyless,

You might store that non-Rev side of your project in a custom property of a stack and use a script to install the necessary components.

Best,

Mark

Hmm interesting. don't know if that is going to work in this case, though I could do that with the VS created EXE if I need to go that route. Do you mean VB script to access the components?


I am really hoping I can some way call the GetEnvironmentVariable() function or maybe the protections interface DLL.

There does also seem to be a way to make the default interface just run in memory and not visibe. I wish there was a way to pass a serial number from a rev field to the serial number field on the default interface and submit, that would solve the whole thing.

I've looked into off-the-shelf solutions for software security, and now confidently roll my own because of two main factors:

1. Some of the systems are quite good, but ultimately every system is hackable. Rolling your own means a hacker must put in the time to discect your specific system, but with an off-the-shelf solution once it's hacked for one product the methodology can usually be applied to other products using the same system.

2. Most security wrappers are available for Windows only, so I'd still need to roll my own for Mac and Linux anyway.

When designing my own system I found the tips here very helpful:
http://www.inner-smile.com/nocrack.phtml

While written for Delphi developers, most of the info there is generally applicable to just about any language, and all of it's very though-provoking and useful.

Thanks Richard great info. Yeah the non-cross platform nature of the major protectors is a real bummer. I actually also unfortunatly found that most in fact do not work with rev executables anyway.

I certainly think a good homebuilt system would be good, but I really think it would take a huge anmount of time and development to get it right. Especially if you do have a focus on the Windows market, where the Warze release groups hone in on your PAD file and crack your software the day it is released.

...On with my PC Guard saga. I've been in contact with their support, and it seems the answer to my problem is to create a dialog in a dialog editor (using PC Guards Resource ID's) and then compiling that into a EXE (Suspect a C++ compile). The sent me a free resource editor called ReEdit to do this. Its actually quite easy to create the dialog (just like building a card in Rev) and add the correct resource ID's, this produces a .rc file. Now to figure out how to compile it into a executable.

As for using resources in program, did some investigating Rev's Environmental Variables compacities, and I'm not sure that Rev can see the sort of in process Envirenmental Variables that PC Guard is talking about, though their support keeps hinting that it should be trivial. I haven't been able to test much, but I do know that the Rev variable watcher doesn't see these varaibles when I run the protected program.

keyless wrote:I certainly think a good homebuilt system would be good, but I really think it would take a huge anmount of time and development to get it right. Especially if you do have a focus on the Windows market, where the Warze release groups hone in on your PAD file and crack your software the day it is released.

Actually, you should have three days before a crack appears.

That's the average amount of time between release and first crack for most commercial software, whether from Microsoft, Adobe, or small shops likes yours and mine.

If a developer is willing to spend a million dollars on security, such as the games industry does, it only extends the average to about 90 days.

A brief search on the web shows cracks available for PC Guard as well, though in all fairness I don't know how current those are. Even the Pentagon's servers get cracked; nothing is completely safe.

The bottom line is that when you have dozens of people (or with more popular apps maybe hundreds) focused on cracking your software, they will find a way in and there's nothing you can do about it.

One of the toughest lessons for new software publishers is to become comfortable with piracy. It will happen, and there's a point of diminishing returns with attempts to prevent it; it's possible to spend more protecting software than the sales lost.

And that's really the key: Remember that a crack download is not necessarily a lost sale.

In fact, many people who frequent crack sites have a "hoader" mentality, where they download stuff just for the sake of having it, but don't actually use it and would never bother even downloading it at all if a crack wasn't available.

I make a product for qualitative data analysis, one of the least interesting software categories around unless you're a sociologist. Like clockwork, within the first week of release a crack appeared on a Russian server and we had thousands of extra downloads. But I doubt any of those people were doing sociology research.

The percentage of people who might actually pay for a software product but would consider a cracked copy if available is very, very small. So small, in fact, that the Software Publishers Association does a a great disservice to their members by continuing to use their traditional methodology for tallying losses (counting every download as a lost sale). While this results in alarming numbers, it doesn't reflect anything about the psychology or buying habits of people in the real world, resulting in a statistic that is ultimately meaningless.

Most potential customers are basically honest. As long as you provide even a modest level of security to minimize the temptation of using it for free, and assuming that your product's pricing is reasonably low enough to demonstrate unquestionable value for the purchaser (a must with any product), most people willing to pay for software will pay for yours.

If your product is in a high-risk category (games or, ironically enough, music; music-making software is the second most commonly pirated category), it may be beneficial to consider a "phone home" system, in which your software validates the registration with a simple call to a CGI on your server. This gives you the opportunity to maintain your registration database easily, even as you later pick up distributors, and allows you to verify that a given key is used only once.

But for most software, I'd rather put the investment into features.

Beyond the most basic level security does little to drive sales, and complex security can even hamper sales. But features drive sales.

You'll get far more bang for your development buck maximizing the time you spend on features and marketing than worrying about a piracy problem that can never really be stopped anyway, and most of which will have no effect on your bottom line either way.

Richard, I'm definitly on the same page as you in fact I was trying to take it a step further by not spending any extra time and effort on the protection either and just purchase a protection I could slap on this project and all my future projects. Plenty of time for features when I don't have to make the security either.

I'm certainly not worried about warez, the 0day crack scene, or as you perfectly put, the "Horders" they would certainly not be customers. I would like to draw somewhere, so the cracks google rank doesn't match my download page's

I did finally get PC Guard to work for me (at least the trial part, still not sure about getting reporting from Envir. Variables), and am happy with the results. Maybe I'll get 90 day's

What I totally would love to see a simple rev made trial maker, that I could just slap on, alter some and instantly have cross platform trial version (man Trevor's framework is just screaming for this).

One good thing to do to piss crack users off a bit is to alter and rebuild your exe slightly, often, to change file size and don't change the version number on it. There is a strange code of ethics (or mayby quality control) with the major release groups, and one of the things they tend to do with patchers (crack installers) is to check the exe size first. Though with all the free web space out there now the original exe is oftain packed with the crack now.