Reverse-Engineer RunRev Standalone?
Richard Gaskin
ambassador at fourthworld.com
Mon Jun 13 20:33:51 EDT 2005
Jay Listo wrote:
> Assuming the password chosen is "good" enough, what algorithm is
> actually used to encrypt the stack?
> This would certainly give a better idea of the degree of protection
> provided.
The current algorithm has been described as a variant of DES.
Stronger encryption methods have been invented since it was implemented,
and perhaps we'll see the encryption scheme change sometime.
But in the meantime, the level of programmer who can decrypt DES can
probably also figure out your algorithms just by using your program.
It's probably more cost-effective to do that anyway: in most cases it
doesn't violate copyright to do that, and I find it's often easier to
write code from scratch than piece together an understanding of someone
else's unless it's well documented.
Code obfuscation can help: make extra dummy handlers and name things
related to your product's security with misleading names, and spread
them out throughout the code base. Nothing can stop the ardent hacker
(game companies spend billions on security and hope for little more than
60 days before they expect to see a crack posted), but sometimes you can
annoy them beyond the benefit of bothering.
This Anti Cracking FAQ is good fun:
<http://www.inner-smile.com/nocrack.phtml>
--
Richard Gaskin
Fourth World Media Corporation
__________________________________________________
Rev tools and more: http://www.fourthworld.com/rev
More information about the use-livecode
mailing list