Crackers
MirekCz
02-13-2003, 07:23 AM
Hey,
Well my game for Nokia phones was released and then.. cracked:/
It took them <2 months to crack it.. all in all I guess it was v.easy with a decent disassembler.
Anyone with ideas how to better protect software?
My current scheme looks pretty much like this:
1.Read phone IMEI number (special number unique for each phone)
2.Generate registration code
3.load cfg
4.check if registration code == code saved in cfg
5.if not - run shareware version
Of course someone created a keygen pretty fast:(
So what are your ideas to make this scheme better?
Currently my only idea is to create parts of the registration code in unique code places and test there for it. (for example, before the game starts we test the first 2 letters, after you select "play" we check the middle 2 letters of the registration code, after the first level we check the last 2 letters of the registration code)
So possibly the cracker would have a BIT harder time cracking it.. but
I guess it will just stop him for a few hours max... anyone with better ideas how to protect software?
Dan MacDonald
02-13-2003, 07:34 AM
2 months is actually pretty good, most PC games don't get past the first week without getting some sort of No CD crack.
pangyan
02-13-2003, 09:11 AM
This might be totally off track, but if the keygenerator is a one way hash function are you "salting" the algorithm with a random number?
MirekCz
02-13-2003, 09:12 AM
Well I guess my game just didn't fall into their hands sooner or they were v.busy.
(looks like there's only one cracking group for PDA/Phone cracks (all devices based on ARM cpu), but according to their info file they have cracked..."1600+ releases this year"(2002) huh :(
bstone
02-13-2003, 10:00 AM
Unfortunately I know nothing about developing for Nokia phones. But I am pretty sure that your second approach won't be more difficult at all. I say that because I suspect that there aren't many ways to obtain the IMEI number you mentioned. Furthermore, I am sure they all are well documented. Knowing the API used to get IMEI numbers makes it very easy to track your program requesting them and figure out all the checks.
The bad news is that there is no way to create unbreakable protection. It's all about balancing your efforts against the time that crackers will spend cracking your protection and the cost of your product.
The good news is that it shouldn't hurt your sales very much if there's a crack for your game. Did you notice any decline in sales at all? People who look for cracks won't buy your game anyway. Period. Those who are honest and respect your efforts won't come down to using cracks. Make sure you do your best in respect to the honest audience and you should get fair results. That is, spend your time on making the game appealing to these people.
Back to the technical side of the question. I consider one protection scheme being the best available to us. It is based on encrypting parts of your program using part of the registration key as a cipher key for some asymmetrical crypto-algorithm like RSA. However it has the following restrictions/shortcomings:
a) Your game should have something disabled in shareware version, that is, you can't implement time limits this way.
b) You can't generate registration keys using data like IMEI numbers. If you do, hackers won't have any difficulties with getting the keys as in your current case.
c) Hackers will crack this protection easily if they get a valid registration key. They will decipher all encrypted parts using this key and will obtain the unprotected version of your game very quickly.
d) Your runtime environment (i.e. Nokia's OS) should allow your program to modify itself in memory.
Provided that this protection is implemented well, it is almost impossible to crack without a valid registration key or without extensive knowledge of what data is ciphered. I am not sure you can stand the mentioned restrictions though.
Hope that helps. Software protection is one of the everlasting topics. There's plenty of information on it over the web.
bstone
02-13-2003, 10:08 AM
Originally posted by MirekCz
Well I guess my game just didn't fall into their hands sooner or they were v.busy.
(looks like there's only one cracking group for PDA/Phone cracks (all devices based on ARM cpu), but according to their info file they have cracked..."1600+ releases this year"(2002) huh :(
Hmm… Looks like you should work on the marketing. If it took so much time for your game to fall into their hands then it’s not getting into the hands of 90% of your potential buyers. :)
MirekCz
02-13-2003, 10:22 AM
bstone:nah, marketing isn't going bad... probably they had other things to do (lots of software is released for symbian/PPC devices)
About IMEI.. what's the difference? I need something to hold to.. I save IMEI in my cfg file so I don't have to call a sys function.. it doesn't change a thing actually. And without IMEI code I don't have anything to base my registration code generator on.
About your method.. it's a lot of hard work for me but in the end I don't see very much gains.:(
I don't think it has hurt my sales v.much.. but it had a small impact, at least. Maybe I'm just more sad about the fact than about the possible outcome.
To say the truth there are game companies that sell games without ANY protection and still get nice sale figures...
Ohh well, we will see in following months if I do get similar sales.
atm it's in about the 70 sales/month range... not much.
jhocking
02-13-2003, 10:52 AM
"c) Hackers will crack this protection easily if they get a valid registration key"
I don't know much about data security/encryption so I can't speak much about the technical aspects of your suggestion (I barely understood what you were talking about.) But limitation (c) you listed basically nullifies the usefulness of your copy protection scheme. Getting a valid registration key is easy and it is easy to crack once you have a valid registration key, so putting 2 and 2 together it is easy to crack the protection you suggest.
Davaris
02-13-2003, 12:39 PM
Hmmm... I wonder why it isn't a criminal offence to crack software protection schemes and post them on the net? You would think people like Bill Gates would be lobbying for laws like this.
kerchen
02-13-2003, 02:55 PM
Most commercial software has a "no reverse engineering" clause in the EULA, so if you can track down the guy who did the reverse engineering, you can nail 'em that way. Also, there are laws on the books (in the US) that allow one to be found guilty of software piracy even though all they did was "crack" the software. A former co-worker of mine is currently in federal prison for doing that (on a large scale). So, I think there are plenty of legal ways to prosecute someone once you catch them cracking your wares (if they're in the US, anyway), but good luck catching them. :(
svero
02-13-2003, 05:24 PM
I think users typically fall into two groups. You've got your average customers who know little or nothing about technology and just use the computer as a tool, and then you have your more die-hard sophisticated type who's in with all the cracks etc... and would know to look for something like a keygen app. I also think the first group is much larger than the 2nd.
Since crackers can crack pretty much anything you write, the 2nd group will always have access to a crack no matter what you do. The first group won't go looking for one. So IMHO it's a waste of time to do anything too sophisticated. I think basically what you want to do is something that is simple enough to deter group 1 without bothering to go the extra mile trying to deter group 2. It's a question of diminishing returns.
bstone
02-13-2003, 06:15 PM
Originally posted by MirekCz
bstone:nah, marketing isn't going bad... probably they had other things to do (lots of software is released for symbian/PPC devices)
About IMEI.. what's the difference? I need something to hold to.. I save IMEI in my cfg file so I don't have to call a sys function.. it doesn't change a thing actually. And without IMEI code I don't have anything to base my registration code generator on.
About your method.. it's a lot of hard work for me but in the end I don't see very much gains.:(
The difference is that hackers can obtain the valid registration key based on the IMEI number. That's because the algorithm to generate it is already included in your app. If you see nothing else to base the key on, then look at the PC scene. There's no doubt that using things like hardware/BIOS identification data to generate your registration keys is a bad idea. To some extent this applies to IMEI numbers as well. Will your customer have to buy the game once again if he/she buys a new phone? Anyway, PC scene developers find some ways to generate their keys. Sure you can too.
I didn't say it's easy. I said it's one of the best IMO. Really, I agree with svero. You should think carefully about bothering with that "extra mile".
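bstone's point above, and the scheme in the first post, come down to one thing: when the registration code is a function of the IMEI and that function ships inside the app, a keygen is just that function lifted out of the binary. The added example below (not code from the thread, from MirekCz's game, or from any Symbian API) shows the alternative bstone points at: the vendor signs the IMEI digest with a private key that never leaves the vendor, and the phone verifies with the public key only. The RSA parameters are toy-sized fixed primes so the modulus fits in 64 bits, `unsigned __int128` is a GCC/Clang extension, the FNV-1a digest and the sample IMEIs are constructed for the demo, and the function names are mine. This stops keygens; it does nothing against patching the branch that consumes the verdict.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

typedef unsigned __int128 u128;   /* GCC/Clang extension; enough for a 64-bit toy modulus */

/* Toy RSA parameters: fixed, well-known primes chosen so n fits in 64 bits.
   Illustration only; nowhere near a secure key size. */
#define TOY_P 2147483647ULL          /* 2^31 - 1, prime */
#define TOY_Q 4294967291ULL          /* 2^32 - 5, prime */
#define PUB_E 65537ULL
static const uint64_t PUB_N = TOY_P * TOY_Q;   /* ships in the app together with PUB_E */

static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) {
    return (uint64_t)(((u128)a * b) % m);
}

/* Square-and-multiply modular exponentiation. */
static uint64_t powmod(uint64_t base, uint64_t exp, uint64_t m) {
    uint64_t result = 1;
    base %= m;
    while (exp) {
        if (exp & 1) result = mulmod(result, base, m);
        base = mulmod(base, base, m);
        exp >>= 1;
    }
    return result;
}

/* Modular inverse by extended Euclid. Only the vendor's key-issuing tool needs it. */
static uint64_t invmod(uint64_t a, uint64_t m) {
    __int128 t = 0, new_t = 1, r = (__int128)m, new_r = (__int128)a;
    while (new_r != 0) {
        __int128 q = r / new_r;
        __int128 tmp = t - q * new_t; t = new_t; new_t = tmp;
        tmp = r - q * new_r; r = new_r; new_r = tmp;
    }
    if (t < 0) t += (__int128)m;
    return (uint64_t)t;
}

/* FNV-1a over the IMEI string, reduced into Z_n. This is the value that gets signed. */
uint64_t imei_digest(const char *imei) {
    uint64_t h = 1469598103934665603ULL;
    for (; *imei; imei++) {
        h ^= (uint8_t)*imei;
        h *= 1099511628211ULL;
    }
    return h % PUB_N;
}

/* Vendor side (never in the shipped binary): d = e^-1 mod (p-1)(q-1). */
static uint64_t vendor_private_d(void) {
    uint64_t phi = (TOY_P - 1) * (TOY_Q - 1);
    return invmod(PUB_E, phi);
}

/* Vendor side: the registration code is the RSA signature of the IMEI digest. */
uint64_t vendor_issue_code(const char *imei) {
    return powmod(imei_digest(imei), vendor_private_d(), PUB_N);
}

/* Phone side: only (n, e) are needed. Forging a code for another IMEI means
   recovering d, i.e. factoring n; nothing in the binary helps with that. */
bool phone_verify_code(const char *imei, uint64_t code) {
    return powmod(code, PUB_E, PUB_N) == imei_digest(imei);
}

int main(void) {
    const char *imei = "490154203237518";   /* constructed sample IMEI */
    uint64_t code = vendor_issue_code(imei);
    printf("code for %s: %llu\n", imei, (unsigned long long)code);
    printf("genuine code verifies: %d\n", phone_verify_code(imei, code));
    printf("flipped bit verifies:  %d\n", phone_verify_code(imei, code ^ 1));
    printf("same code, other IMEI: %d\n", phone_verify_code("356938035643809", code));
    return 0;
}
```

The shape matters more than the toy numbers: the app carries a verifier and a public key, the generator lives only with the vendor, and the IMEI is still what ties the code to a phone. bstone's other objection (a customer changing phones needs a new code) is unchanged by this; it is a business decision about reissuing codes, not a cryptographic one.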
bstone
02-13-2003, 06:16 PM
Originally posted by jhocking
"c) Hackers will crack this protection easily if they get a valid registration key"
I don't know much about data security/encryption so I can't speak much about the technical aspects of your suggestion (I barely understood what you were talking about.) But limitation (c) you listed basically nullifies the usefulness of your copyprotection scheme. Getting a valid registration key is easy and it is easy to crack once you have a valid registration key, so putting 2 and 2 together it is easy to crack the protection you suggest.
If it's easy to obtain a valid registration key, then there's no need to crack the product. You can simply redistribute the key. That's exactly how many applications with sophisticated protection are "cracked". Besides, I meant that the described scheme can be broken more easily when hackers have a valid key. In fact it will still be harder to crack than average protection based on comparing the entered and expected keys.
Sphinx
02-14-2003, 12:38 AM
I believe any program can be cracked (no ultimate protection)!
All I can say is to make it a little hard for crackers to delay their success, and I think 2 months is really good :(
princec
02-14-2003, 12:56 AM
I see none of you have ever actually done any hacking at all.
There is no need to know any codes, reverse engineer any encryption, or do anything even remotely clever.
Where the program says "if (registration code is value) set mode = registered" the unskilled assembly hacker will merely adjust it to "nop; set mode = registered". It's so simple it hurts.
Cas :)
pallavnawani
02-14-2003, 01:08 AM
Some time ago, I read the post mortem of a game called Spyro the Dragon (or something like that) on Gamasutra.
They present interesting tactics. I suggest that you read the report.
In a nutshell, what you can do:
1. Checksum your program/parts of it.
2. While the program is running, check it periodically.
3. When you detect that something has changed, don't stop immediately. Stop at random times (to throw off the crackers) or try to access a null pointer (or something) and crash!
Be careful if you do this though. You don't want your program crashing on legitimate users!
This doesn't guarantee that your program won't be cracked, but it makes crackers really work hard ;)
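The three steps above, as an added example that is not code from the thread or from the Spyro post-mortem it cites: a guard object holds a known-good CRC-32 over a code region, is ticked from several points in the game loop, and on a mismatch does not react on the spot but arms a countdown with an irregular length, so the reaction is detached from the check that caught it. The region here is a constructed 64-byte buffer standing in for a range of the binary's code (in a real build that would be the bytes between two linker symbols, with the checksum baked in by a post-link step); the tick-based loop, the small LCG that picks the delay, and all the names are assumptions of mine. The guard only returns a signal; what the game does with it (refuse an action, show a message, degrade) is left to the caller, which is the safer way to honour the warning about legitimate users.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Bitwise CRC-32 (IEEE 802.3 polynomial) over a byte range. */
uint32_t crc32_bytes(const uint8_t *p, size_t n) {
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        crc ^= p[i];
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

typedef struct {
    const uint8_t *start;       /* protected range; must contain only bytes that never change at runtime */
    size_t len;
    uint32_t expected;          /* known-good checksum recorded at build time */
    bool tampered;              /* set once a mismatch has been seen */
    unsigned ticks_to_response; /* countdown that detaches the reaction from the check */
    uint32_t rng;               /* small LCG state; only decides the delay */
} integrity_guard;

void guard_init(integrity_guard *g, const uint8_t *start, size_t len,
                uint32_t expected, uint32_t seed) {
    g->start = start; g->len = len; g->expected = expected;
    g->tampered = false; g->ticks_to_response = 0; g->rng = seed;
}

static unsigned guard_rand(integrity_guard *g) {
    g->rng = g->rng * 1103515245u + 12345u;
    return (g->rng >> 16) & 0x7FFFu;
}

/* Call from several unrelated places in the game loop. Returns true on a tick
   when the game should respond, never on the tick the mismatch was first seen,
   and keeps firing at irregular intervals afterwards. */
bool guard_tick(integrity_guard *g) {
    if (!g->tampered) {
        if (crc32_bytes(g->start, g->len) == g->expected) return false;
        g->tampered = true;
        g->ticks_to_response = 1 + guard_rand(g) % 50;   /* respond 1..50 ticks later */
        return false;
    }
    if (--g->ticks_to_response == 0) {
        g->ticks_to_response = 1 + guard_rand(g) % 50;   /* re-arm for the next interruption */
        return true;
    }
    return false;
}

#define REGION_LEN 64

/* Constructed stand-in for a protected code region, filled deterministically. */
static void fill_region(uint8_t *region) {
    for (size_t i = 0; i < REGION_LEN; i++) region[i] = (uint8_t)(i * 37u + 11u);
}

/* Scripted session: run clean, then flip one byte at tick `patch_at` (0 = never),
   as a one-byte branch patch would. Returns the tick of the first response, or 0. */
unsigned demo_session(unsigned total_ticks, unsigned patch_at, uint32_t seed) {
    uint8_t region[REGION_LEN];
    fill_region(region);
    /* Stands in for the checksum a post-link step bakes into the binary. */
    uint32_t build_time_crc = crc32_bytes(region, REGION_LEN);
    integrity_guard g;
    guard_init(&g, region, REGION_LEN, build_time_crc, seed);
    for (unsigned t = 1; t <= total_ticks; t++) {
        if (t == patch_at) region[17] ^= 0x01;
        if (guard_tick(&g)) return t;
    }
    return 0;
}

int main(void) {
    printf("clean session: response at tick %u (0 = never)\n", demo_session(100, 0, 7u));
    printf("patched at tick 10: response at tick %u\n", demo_session(100, 10, 7u));
    return 0;
}
```

Two things decide whether this punishes the right people. The checksummed range must exclude anything the runtime legitimately rewrites (relocated pointers, writable data, code the loader patches), or honest customers trip the guard; and the response should be something a user can act on rather than a crash, since an unexplained crash reads as a buggy game to everyone who hits it.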
svero
02-14-2003, 01:57 AM
I donno about random crashes. On the one hand I can see how that kind of thing works, but on the other hand I can also see how it would lead people to believe your game was unstable and not worth the price. I guess the question is, why should I care if people who stole my game think it's unstable? While I'm not in favor of people using pirated versions of my stuff, I have to also balance that with the fact that a lot of people who use pirated copies do go on to be legitimate customers, if not with the game in question, maybe with a sequel or another game. A lot of kids nowadays who pirate and literally can't afford to buy all the games they play will go on to become the customers of tomorrow when they're out of school, working and it's no big deal for them to go down to the corner computer shop and plop down $80 on a new game just to try it.
pallavnawani
02-14-2003, 02:04 AM
You're right. One thing that they did was that sometimes Spyro the Dragon will refuse to do something. Instead, it would show text saying that this was a pirated version, and they should buy it if they wanted to proceed further.
svero
02-14-2003, 02:08 AM
Originally posted by pallavnawani
You're right. One thing that they did was that sometimes Spyro the Dragon will refuse to do something. Instead, it would show text saying that this was a pirated version, and they should buy it if they wanted to proceed further.
Sure that's better... but of course now the hackers have something to look for again so it loses the safety of being a seemingly random bug.
Kai-Peter
02-14-2003, 06:19 AM
I just have to agree with Steve on the ROI for implementing complicated copy protection schemes. If you have a 30 days (or 60) money back guarantee, that is definitely one of the easiest ways to get your software for free. I don't really see any point in copy protection with the business model most people here use.
And yes. I have done assemblers over the years. And yes. I am as fascinated as the next one about security and cryptography. I just don't see the point from a business perspective?