benr_mc at cogapp.com
Fri Jun 14 14:21:01 EDT 2002
on 14/6/02 7:02 pm, Ken Ray at kray at sonsothunder.com wrote:
> .... It's not something that is likely to be guessed, and it would
> be necessary to know in order to hack the algorithm.
Just a reminder that - in the current state of Rev - anything which has to
be known to the algorithm, is probably also known to anyone who looks at the
stack in a text editor.
If your algorithm depends on the 'hacker' not being able to read the code,
you might need to reduce it into chunks which can be compiled within the
starter kit limits, and store these zip compressed in properties. Then
you'd at least be restricting knowledge of the algorithm to those prepared
to invest in figuring out the MC format (or is it published somewhere)?
But as Kee has said, there's a level of paranoia which is pointless, and
better ways to spend the time. Most people will be put off by the very
simplest algorithm; most of those who won't, will be prepared (just for the
satisfaction of it) to hack whatever you come up with. A minority of the
minority falls between those two stools, and only a minority of them would
actually then pay for the product. For the sake of this fragment of the
fragment of the fragment of the user base, you have to expend a ludicrous
amount of effort (though I admit it can be fun, and in my younger days I
My dad is never going to crack your algorithm, nor will he use someone
else's reg code (you'll be lucky if he enters the legitimate registration
number in correctly, without ringing you - or more likely me - for help);
I'll crack your algorithm even though I have paid for it, just for the fun
of it (if I've got time!). (That goes double if you use an invisible file:
I remember going to a lot of trouble to find RealBasic's key file, even
though I'd purchased a full license; I didn't want to use or spread the
information anywhere, I just didn't like the idea of someone doing things on
my disk that I didn't know about.)
Spending time making your algorithm more complicated won't earn you more
money from either me or my dad.
The first retail product I was ever involved in, about fifteen years ago
now, I spent days devising a locking scheme, and created special software
that customised the master disk - requiring me to process every order
invidually. When we got a US distributor, I had to go over to install my
special software on his machine, and train him to use it. I think he sold
about a dozen copies - altogether we sold a few hundred. This was _not_
because millions of users were pirating copies; the product just didn't have
big market, and we should never have invested in it. We were still paying
off the debts of that product eight years later. Almost anything else I
could have done, including lying on the beach, would have been a better use
of that time. (In retrospect we should have given the software away for
free, and charged for support and the manuals, which were beautiful. Ah,
The last low-price retail product I was involved in, which was sold on CD in
a real physical package, had a registration card printed with the
registration number - a nice complicated string of a dozen or so letters and
digits. This was however a bluff - there were only two unique registration
numbers - one for every unit sold through the US distributor, and one for
all the others. We only used that difference as a convenient way to track
source on the registration database. By having the same number printed on
every card (the US ones had to be printed separately anyway, they had a
separate address to be sent to) rather than having a unique number printed
on each card, we saved something like a penny on the printing costs.
The product was revised annually for several years, and we changed the
registration number for each new edition. But guess how it changed? Each
year, we simply deleted a character from one end of the registration number
(we alternated biting off each end). Why? Because you can ask the printer
to scratch a character off the printing film - much cheaper than making new
film with a different number on!
Did some people rip off the product? I'm sure lots did, but we still sold
tens of thousands of copies each year. How many of those who ripped it off
would have purchased a legal copy if we'd gone to more trouble in this area?
My guess not many - and given that this was a low price product, by the time
the retailers' margin, distributor's margin, royalties to various content
providers, and manufacturing costs have been taken out, the profit per sale
was tiny. We'd have to have had made a _lot_ more sales to pay for an extra
day of my time programming.
The only reason we had a registration number was to discourage those who'd
ripped off the CD, and had some problem, from contacting technical support.
Any support call more than wiped out the profit from a sale, so while we
didn't expect to lose much money from people who ripped off the product
(because most of them wouldn't have paid for it anyway) we certainly didn't
want to spend money on them. (The registration card itself was worth the
cost of printing and processing because we mailed the user's next year, to
offer them the updated version directly at a discount - we made much more if
we could sell direct and cut out the retailers.)
The lesson: as Kee has said, we spent our time making a great product, and
improving it enough that some people would buy it over again the next time.
We made a bit of money, and had the satisfaction of our work, and the praise
we got for the visible effort put into the product and didn't waste our time
on invisible effort that didn't make things better for the people who
actually paid for our product, or our energies caring about the ones who
ripped it off.
Ben Rubinstein | Email: benr_mc at cogapp.com
Cognitive Applications Ltd | Phone: +44 (0)1273-821600
http://www.cogapp.com | Fax : +44 (0)1273-728866
More information about the Use-livecode