What can a person do to have a site shut down for having illegal stuff, like, for example, a crack to a program? I should say MANY cracks to MANY programs, but there is one crack on this particular site that bothers me http://www.aota.net/ubb/frown.gif. Not an FQ site, of course, but I figured someone here would know the steps to take to get this site shut down. I already wrote the administrative contact of the domain (crackstore.com) and the person taking credit for the crack.

A user of my program sent me the crack. At first I though it was a joke, then I ran it. That's when my heart sank. I have been throwing stuff, can't hold a cigarette still, typing so fast......

I'm very upset, to say the least... I don't know what to do. For every person that downloads that crack I lose $30.00!!! I would just love to put my hands around this guys.....

Never mind that. But how can I have a site shut down? I know it's hard to prove that a crack is illegal by itself, if it's not distributed with the program, but there must be something I can do!?!?

ANyway, there's more stuff I need to throw right now. I'll be back here when I've calmed down a bit.

Justin http://www.aota.net/ubb/frown.gif http://www.aota.net/ubb/frown.gif http://www.aota.net/ubb/frown.gif

Hey Justin,

Crack sites are illegal from what I understand.... but I am not a lawyer able to give professional advise by any means.

The advise I can give you is:

1. When posting about "this site" feel free to use their URL so others can know what site they want to avoid... or talk poorly about.

2. Do a whois lookup on the domain name and find out who their provider is. Email the host of the site... DO NOT email the host until you are all done throwing pillows at trees and have calmed down enough to develop a well laid out, short, sweet, to the point, professional email explaining that you find this to be illegal and you will involve the host as well as the site owner if no steps are taken to prevent this.

3. Understand that the host can not "MAKE IT STOP" it would be unreasonable to expect them to check each and every file on their server to make sure it is what it says it is. It's to easy to name the crack "letter_to_mom" or whatever....

4. Stay angry but do not let it stop you from producing excellent software! Warez serves more then the purpose of just thieving software (all you developers out there don't hate me for what I'm about to say please) but warez can also be a way to find fixes to bugs as many crackers are pretty good at enhancing the programs which in turn gives you some free work.. it also helps get the word out about your program... a crack distributed to 50 people may actually gain you 10 sales that wouldn't have known you existed before. At the same time, you are right in noting that it lost you 40 others http://www.aota.net/ubb/frown.gif

You may want to work on your registration area of the program also.... I don't think any package is going to find a sure fire way of preventing the theft.. but many are starting to make it a whole lot more difficult!!

http://www.aota.net/ubb/frown.gif very sorry to hear this is happening to you... rest assured you're not alone.. I assume every developer has it happening to them in some form or another...

Keep fighting the good fight
Deb with no good answers

I did the whois lookup and wrote to the administrative contact and the technical contact, which happens to be an ISP in southern Florida, bridge.net. Also, I read their "Acceptable Use Policy" before writing them, and of course, cracks and warez are not allowed. What do they expect to find on www.crackstore.com, anyway?

As for the registration routines, I admit it was simple in the first version. I never found a crack before, so I didn't change the algorithm, but I did make the program do a random number of string compares, comparing the entered code to a random string, and somewhere in the middle of all of this randomness it compares to the actual code, based on the person's name. This will make using SoftIce or another debugger a nightmare. Altogether there are between 5000 to 10,000 compares being done.

All of this does no good when you don't change the algorithm from the previous version, which is the one that was cracked. I only did that to save my regged users from having to enter in a new number. I even made the new version automatically register them if the old version was!!! What an idiot I am.

I've read all about reverse engineering, and I have used this knowledge to attempt to defeat the crackers, but I should've changed the algorithm. In the old version, I could probably crack it myself. So all of these people with the cracked version can upgrade as seemlessly as a registered user!!!

Another thing the program does is it validates the reg code every time you start it up, instead of storing a flag that it's registered. And the code is based on the person's name, and it's anywhere between 16 and 25 characters in length, letters and numbers. But of course they can just use the old version to crack and then use the reg number in the new one. http://www.aota.net/ubb/frown.gif

I am just so frustrated right now. I'm rambling because it's helping me to calm down a little. I just know that the site host is going to do absolutely nothing about it. Besides that, it is probably at a thousand other sites.

I know - I am going to recompile the program to not accept that reg number at all, and even fail to function afterwords. That will keep new users from being able to use it http://www.aota.net/ubb/smile.gif

Gotta go program...

Oh, any programmers might want to check out http://www.crackstore.com/ and see if your program is there. If so, email the cracker, the site host, everyone involved http://www.aota.net/ubb/smile.gif

Don't SPAM, of course, we wouldn't want Hormel on our backs!!! http://www.aota.net/ubb/smile.gif


------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

Hello Justin - I can say that you are fighting an uphill battle... I feel your pain as I am a software developer as well, just not commercial, FQuest only...

SoftIce used to be my most beloved tool for many things (e.g. tracking down those really nasty Win95/98 GPF's via stack investigation and back traces)... The problem that you are going to have is NO matter how difficult you make the 'compare' routines - it all boils down to one simple basic fact, *it either passes or fails*... If you find the spot that tests for validity, you can easily (90 NOP) the test, or just munge the test with (1 == 1)...

IMHO - you best defense is to use an encryption algorithm, that uses the result of the 'compare' routines to decrypt the rest... At least then, it is on magnitudes of greater difficulty to crack... The defeation to that scheme is for someone to actually register, and then enter the valid User/Pass/Reg into a crack database... http://www.aota.net/ubb/frown.gif

There are some **very** successful protection techniques that stem the tide of cracks... Finally, one company got a clue and started doing it right -- Oil Change... Unfortunately, their methods involve the basis that the programs working data needs to be updated frequently - meaning the client has to go back to the company to d/l the updated program data files... This allows them to monitor the registrations being used, and if they see 20 different people login with the same reg, they can easily deactivate that registration - forcing the *valid* software owner to apply for a new code (e.g. some computer tech goes onsite to install your software, snagging the reg code in the process)...

Just my 2 cents on the whole issue and possibly a couple ideas along the way...

--
Terra
Systems Coder
FutureQuest

Hi,

cracks are a bad thing. I once fought against these sites, but getting them down is nearly impossible. Most have a web-provider located in Eastern Europe or Far East and these people just don't care about that matter.

So I decided to check my referer log very closely to check when a new crack arrives and immediately upload a version where this crack doesn't work.

It seems that many people browse these crack sites and download the software and the crack at the same time. The moment I upload a changed non-crackable Version, the crack site is just doing free ad for me. Of course, I still write to webmasters, geocities, hypermart, xoom, aol, etc. Sometimes a site disappears, sometimes not.

It's also a good idea to do something against easy cracking. You can compute the CRC of your executable and compare it to the original value. That never stops cracking, but it considerably slows down the rate of appearing cracks. I've not seen a new crack since I employed some anit-crack methods. It seems that some of these crackers shout much louder than they really are. If they find the assembler instruction to change and find that the software still doesn't work, some give up.

I suggest, you program a routine that runs the offending crack useless. Just replace the files to download (no new version needed) and everything is ok (for the moment).

Meikel

The problem is that they apparently cracked the algorithm. It's a username and reg code that is posted on this site. And it's not a registered user. I have a database of all of my regged users (yes, all 11 of them) and the first name is "Magic Mike", last name "[EVC]", which stands for Ebola Virus Crackers. I just changed the scheme to reject illegal characters, like the brackets and spaces, and also to reject the particular code as well. It will just show it as an invalid code.

I know that it's an uphill battle - I will admit that in the past I have cracked a program or two - SoftIce, PSEdit and WDASM32 were among my favorite programs to use. But that was a couple of years ago. The shoe is on the other foot now... and it doesn't fit well at all http://www.aota.net/ubb/frown.gif

At least now, anyone downloading VDJ for the first time from my site will not be able to use that reg number, or any other numbers that contain illegal characters in the names. It's a start.

My next version is going to be a lot more crack PROOF. Well, resistant anyway.

I like the other ideas, and I am thinking of making certain functions dependant on the actual code / name combination. Also, no confirmation if it's good or bad. It will just stop after 30 minutes as it does unregistered. So the cracker will have to wait 30 minutes between tries, to see if successful. Oh, and of course, I will change the algorithm!!!

One other thing: Next version will be 2.0. I give all regged users free upgrades to any 1.xx version, so now they will have to pay again, maybe at a discount, but this was what I decided at the beginning. As soon as I find a crack, it goes to 2.0. I might not do that, though, I guess it depends on how many registrations I can pull off.

What sucks is that I've had a LOT of downloads, and only the 11 registrations. Makes me wonder how many people used the crack.

The person that gave it to me was using it; some 15 year old who actually thought it was funny. He slipped and said that he was using the "Freeware" version in a chat. I said "What do you mean 'Freeware'?" and I talked him into fessing up, and he sent me the crack. That's when the keyboard hit the 'fit hit the shan', if you know what I mean.

Ok, I'm going to shut up for a while. I do know that most people who use a crack probably wouldn't have bought it anyway, and it does make the program more popular. I guess I can be flattered that someone found my program useful enough to want to crack it http://www.aota.net/ubb/smile.gif Besides, that's why Microsoft's protections are so weak in everything except for Windows, the one thing that they have cornered. I was going to give example, but I probably shouldn't.

I have to say that I have never once posted a crack - back then, I figured that if you didn't know how to crack yourself, you didn't need it that bad. Also, I wouldn't have ever purchased any of them anyway, as most of them were just too expensive. Of course I don't do that anymore, nor do I have any warez on my hard drive anymore. But the people who search the web for cracks are considered lamers by me, always have been, always will be. That's what the 15 year old Australian did. And he even wrote me on the 14th asking what time the new version was being released! It was the 15th in Australia.

Oh, well, I think I said I would shut up about an hour ago, so I'll just do it now.

Justin
-- Shareware programming isn't all it's cracked up to be ---

I agree with Meikel, running a self-crc check on yourself will deter the wannabees...

This will at least stop the simple instruction changes, and force the would be cracker to recompute a new CRC value for your program... On the flip side, if your self-referential checking is weak, then that can easily be sidestepped as well...

I couldn't find the URL, but a definitive *underground* source for this is 'Fravia's Reverse Engineering'... I utilized the info there when I was trying to figure out the guts of the Win95/98/NT Kernel API for troubleshooting client problems (Network and Systems consultant)...

My knowledge about cracks and stuff comes from my knowledge of Intel machine language, and understanding how C source code is compiled... I have, at times, had to isolate bugs in Microsoft software (raw machine code) to fix/patch something they didn't perceive as important, yet my client did and paid top dollar for me to do so...

--Terra
--Just say NOP to cracks--
FutureQuest.net

Justin,

The problem is that, what's illegal here is perfectly legal in other countries, and since the Internet is a "free speech" you won't be able to shut them down. The best thing to do is not support them. Places like FQ is the first step, banning this sort of thing, but it takes more.

You can't stop it. I remember when I had a Comode 64 (lets you know my age) and they came up with a copy protection that put a bad sector on the disk. For about 2 months nobody could crack this kind of protection, then someone did, not only that, but the copy program played music while it copied. Just as sure as you put something better in there, it gets hacked. Just make an awsome program. (how about a random time from 30 to 60 mins)

Just remember one thing...How many people have registered your software and does there registrations make you want to release more versions? I remember that when I actually received my first registration on something that I wrote, it gave me a warm fuzzy feeling inside. People are going to pirate stuff, but there are a few people who pay for what they use. Write for them.

By the way, Microsoft uses the same scheme for it's OEM and CD releases. Windows 98 uses a new scheme, but we don't yet install that, so I don't know if there is a generic key for it. The generic key that works on Office will also work on Windows 95. Microsoft knows it's gonna make money.

I'm sorry it happened to you.

Mike

------------------
www.webauthorities.com (http://www.webauthorities.com)
"To continue press any key"...Where's the anykey?

http://fravia.org

Ahh, Fravia's pages of reverse engineering. Spent many hours there, trying to read every word on his huge site. Yes, that's where I get a lot of ideas. He even has a section for shareware programmers with tips and tricks to help against cracking. It's one of my bookmarks (actually, it has carried over from my cracking days)

Only, I have to remember to use Netscape or Opera, because a lot of his pages are IE hostile. Be carefull...

Give a man a crack, and he'll be hungry again tomorrow. Teach him how to crack, and he'll never be hungry again. - +ORC

I've read +ORC's entire How to Crack series before and after becoming a programmer. So I am very familiar with +ORC, Fravia+, Greythorn, and the whole +HCU cracker group. I almost joined them...

But I now use that info for the opposite purpose. Life is funny sometimes. First I hated shareware, nag screens, etc, and now I'm making them and getting mad when someone cracks mine.

I need to earn a living somehow, though, and I figured since I love programming, the internet, etc, that this would be a perfect way. And I'm sure that one little crack won't kill my bank account.

I have released a new version every month for 3 months now. Maybe I'll just keep doing that, but change the algorithm each time. That way, a crack is good for only a month, assuming it's cracked the same day it's released. And I would be flattered if they crack each new version each month. It would show that people really like VDJ.

Oh, well, I'll survive. Now that I've cooled down (amazing, with Slayer on repeat all day) I guess it's not that big a deal, and I always knew that a crack was inevitable. I know where to find cracks for any program - why would mine be any different? Besides, other software companies aren't broke because of it http://www.aota.net/ubb/smile.gif

I might make the codes based on the user's hard drive serial number, like Audio Grabber does. That makes it difficult to use the same number on different computers. Hmmm...



------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

I remember when I had a Comode 64 (lets you know my age)

Hehe - I learned BASIC on a Commodore Vic-20 that I still own. I was 5 at the time (23 now), and I wrote a tic-tac-toe game. ****ed commodore beat me every time...

------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

Be careful with that, everytime the user formats his hard drive, he gets a new (random) serial number. My fiance goes to Virginia Tech and they have a program called Transom Jack and it uses the serial number, well to make a long story short, someone accidently formatted the drive and Jack didn't work and the company who writes the software wanted to charge another $500 to replace the key.

My 2 cents worth

------------------
www.webauthorities.com (http://www.webauthorities.com)
"To continue press any key"...Where's the anykey?

There's a small DOS program somewhere to change the drive serial assigned by dos/windows-format. Many times, it saves the day http://www.aota.net/ubb/smile.gif

Meikel

I forgot about formatting - I do that every time I decide to reinstall. That would screw things up. I would gladly give the paying user a new code, provided that I can verify it's them, but I think I'll stay away from that idea for now.

Anyway, I just silently uploaded a recompiled version that will not accept that reg number or a name with spaces, brackets, etc. That will kill future users' ability to use that code. I hope. Of course, there is no other difference (except that I forgot to change the file date).

Justin

I never knew jus how detailed the stats were (hey, stats spelled backwards is stats! Just like racecar!)

Anyway, I didn't know it would show the search strings. I have had a lot of people looking for "vdj studio crack", "virtual dj serial", etc., and I guess they ended up at my site... Wierd. WHy would they go to my site after looking for a crack? Well, a few did anyway. All at altavista, too.

But no links so far from www.crackstore.com, and there is a link on that site. That's good, I guess.

The creator of THIS PAGE or the ISP(s) hosting any content on this site take NO responsibility for the way you use the information provided on this site.These files and anything else on this site are here for private purposes only and SHOULD NOT BE DOWNLOADED OR VIEWED WHATSOEVER! If you are affiliated with any government, or ANTI-Piracy group or any other related group or were formally a worker of one you CANNOT enter this web site, cannot access any of its files and you cannot view any of the HTML files. All the objects on this site are PRIVATE property and are not meant for viewing or any other purposes other then bandwidth space. DO NOT ENTER whatsoever! If you enter this site you are not agreeing to these terms and you are violating code 431.322.12 of the Internet Privacy Act signed by Bill Clinton in 1995 and that means that you CANNOT threaten our ISP(s) or any person(s) or company storing these files, cannot prosecute any person(s) affiliated with this page which includes family, friends or individuals who run or enter this web site. IF YOU DO NOT AGREE TO THESE TERMS THEN LEAVE.

oh boy! It is late here, but i got caught up in this conversation. I am curious, it didn't seem like these people were American. What does this mean anyways? Does this legalize "stealing?"

and what is the logic in this?

All the objects on this site are PRIVATE property and are not meant for viewing or any other purposes other then bandwidth space.

maybe this is none of my business. I just don't understand the why's to all of this. *not that i really want to*

But if this is all meant to be personal.. why have a web site pertaining to it at all? http://www.aota.net/ubb/frown.gif

Well Justin, you seem to hold a good conversation, and your talent seems to have not been shattered. Looks like you might have learned a few important things. So, maybe all in all this was not so bad, huh?

Good luck.

------------------
~~~ Hearts
www.heartsweb.com/ (http://www.heartsweb.com/)

The "disclaimer" is pretty much standard for a warez / cracks site. I believe they all copied the same one and pasted it on their web page.

The thing I don't get is that their host has an "Acceptable Use Policy" very similar to FQ's. I know FQ wouldn't let someone have a domain called crackstore.com on their servers, but this bridge.net does. What do they expect to find at crackstore.com anyway? Windshield repair kits?

I haven't received a reply from the host, the cracker himself, the webmaster, or the administrative contact of the domain, and I don't really expect one either. Either way, that particular crack won't work in the downloadable version now, which is another reason I like having my file hosted under my complete control (another thread), and not on ftp sites all over. 10 minutes and it's recompiled and ready to upload.

I knew from the beggining of VDJ that eventually I'd find a crack or key generator, and that's not what bugs me about this. My problem is that version 1.30 wasn't that great - many bugs and installation problems. So I didn't expect it to be cracked. Version 1.40, just released on the 15th, is a thousand times better, and I didn't change the algorithm for the reg codes. The crack is for 1.30, but of course works with 1.40.

I figured on at least a couple of weeks before a crack, and since I thought there wasn't one for 1.30, there was no need to change the algorithm and put my 11 regged users through having to get a new code.

Now I'm worried that these 11 users will be the only ones to register. Go to AltaVista and you can find it easily, probably at a lot more sites than just the one.

So basically, 1.30 didn't generate a lot of money because it had many bugs, and now 1.40 won't because it's been cracked before it was released. Maybe version 1.50 will do better...

I'm worrying over nothing. I know that the guys who made WinAmp have lots of cash, and until recently, there was no limitation at all in the unregistered version. It was like honesty-ware. And people paid. I guess there are some good people on the web yet.

My talent will NOT be shattered by some lamer wannabe's that can't pay me 30 lousy bucks for my program so I can get a carton of smokes http://www.aota.net/ubb/smile.gif I always have and always will look at a challenge as an opportunity.

I'm into electronics, and when someone tells me that something can't be done, I ask "Why not?" The response is always "Because I've never seen it done." Ok, that's when I figure out how and prove it. Same thing with programming. I was told by a few poeple that the whole idea of VDJ was dumb and that I couldn't do it. Ha! I love a challenge. Unfortunately, so do crackers. "This program is crack proof!" Oh, yeah? They will spend many hours/days/weeks to prove otherwise. I've been there, so I know.

They will continue to challenge me, I will continue to challenge them. I'm not fighting the battle, I'm just presenting them with newer challenges, and vice-versa. It may wind up being fun. "Crack this!" "Defeat this!"

Most of your better crackers (like Fravia+) will not post a crack when they figure it out. They will show you how to do it. Lamers, just looking for an easy way to avoid paying, will not find what they want, and will move on or, hopefully, break down and purchase. And the people who do this sort of cracking would never have purchased anyway.

But those who search the net for an easy, ready made crack, maybe would if their search turned up nothing. That's what ticks me off. The lamers.

Well, I've done it again - I've made this page take forever to load due to rambling. Sad part is I talk like this, too http://www.aota.net/ubb/smile.gif

Thanks, everyone, for all of the replies. It's helped me to cool down a lot. That and turning off Slayer and putting on VDJ to play random tunes http://www.aota.net/ubb/smile.gif



------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

Here's another method, but I'm not sure if I like it yet http://www.aota.net/ubb/smile.gif

Office 2000, I've heard, REQUIRES you to register the program with the Microsoft web site within the first 50 runs, or it disables itself.

Doesn't matter that you have a "valid" serial number, doesn't matter that whether you used a krack or not.

The combination of needing a serial number in the beginning to use it in the first place (thought about a time-limited demo? people like those http://www.aota.net/ubb/smile.gif, and then enforced registration would make it hard to circumvent. Especially so, if you scatter that code all over the place and make it hard to find.

If the registration takes place using a serial number or registration that is not in your internal database, you shut down the application and disable it unless they call you for a real SN and stuff.

I think a notice like "If you like the program enough to launch it 50 times, please consider paying for it instead of using an illegal crack. I worked hard to bring you a quality program and it's not that much- $30 is the price of 3 pizzas!"

http://www.aota.net/ubb/smile.gif Ok, had to get my Apple background in there.. think: iMac for 3 pizzas a month.

Anyhow.. I still haven't decided as an end-user how I like enforced registration, but I understand its use and I imagine it will quite effective... it makes writing a crack for a program that much harder.

duh man i just read that disclaimer liek DUH man if the files arent even meant to be viewed then why put up a publicaly accessable site DUH!!!!!! DUH!!!!!!!!!!!!!!!
what a bunch of baloney what a joke yeh like peope reading that really arnt gonna go look - it;s an open invitation to browse and download HAHAHAHHAHAHAHA like DOOOOOOH
yeh then they put a big fat enter link doooooohhhhhhhhhhhhhhhhhh geez like pahlees!!
Yeh lkikje I have files I dont want anyone looking at on a public site with a big fat enter sign - yeh wahtever - it;s pretty onvious what its all about.


------------------
Lea
Massachusetts Rabbit Rescue
www.RabbitRescue.org (http://www.RabbitRescue.org)
LJ Massey & Co.
http://www.massey.i-p-d.com/index.shtml

Letter from the web host to the site owner:

Hello Filip.
Please take care of this letter. If you have any questions to Justin,
the programmer who contacted us, please write him directly with CC to
me. Please take care of this ASAP.
Thank you. Vlad.

Justin Nelson, SFE Inc. wrote:
>
> Hello,
>
> I am a shareware author, and I have found illegal content on a site,
> www.crackstore.com, and you are listed as the technical and billing contact
> for this domain. This site is full of registration codes, including one for
> one of MY programs, and cracks, serial numbers, etc. I would like this site
> removed or dealt with otherwise.
>
> Please let me know if action will be taken. Thank you.
>
> Sincerely, Justin Nelson, SFE Inc.
> http://www.vdj.net
> Info@VDJ.Net


Well, something was done - at least started. I guess they CC's the letter to me to show that something was being done. I don't think they're in the US, though. But either way, the crack is still there (useless in the version on my site now).

Just though I'd update. Thank all of you for the replies, too. You've all helped me a lot, and kept me from throwing anything large http://www.aota.net/ubb/smile.gif


------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

Hello, everyone. Just thought I'd let 'yall know that the crack has been removed from the site and the site owner told me to let him know if I ever find another crack on his site that relates to me and he'll remove it. That's cool, I guess.

I think they want to avoid trouble, even if there's nothing I can do legally. I guess it wasn't as big a deal as I thought http://www.aota.net/ubb/smile.gif

A friendly email is all it took.

Justin

Justin,

I'm really glad that you've been successful in getting the stuff removed from the website that had cracks / hacks for your software posted. However (and I hate to say it), I think you got "lucky" with your friendly email.

It's a simple (sad) fact of life that people steal. It's made a great deal easier here in the digital realm, where copyright infringement is so rampant.

Intellectual property laws are very complex, and it's only recently that the governments of the nations of the world are coming around that the rules are effectively changed when intellectual property enters the digital realm. It will definitely take a while for the laws to catch up with digital reality.

In the meantime, you did the right thing. You wrote the service provider of the individual / organization that was hosting the illegal content, and requested it be removed.

But the sad fact is, that if someone is violating your intellectual property rights, it costs a huge amount to have the situation rectified (assuming if they aren't feeling as "cooperative" as the provider did in your case).

I work for a company that is in an intellectual property dispute with a MAJOR Fortune 500 company, and we're spending on the order of $10-20 K a month for the lawyers in NYC. (-sigh- and -gasp- at the same time, I know). These people stole from us, plain and simple. But it will be many more months before we find out the outcome of the lawsuit. I guess I'm lucky that I work for a company that takes intellectual property so seriously … and that we have the resources to pursue a fair outcome to the bitter end!

All I can say is that you should continue to write insanely great software, and enforce your rights as an author to the full extent you are legally and financially able. Hopefully, the rest will take care of itself, and you'll be a multi-billionaire before you know it!

(Regarding Jacob's comment about Microsoft's published intentions to enforce copy protection via electronic registration … it's just another bad idea from the mother of all bad ideas. Those people are the LAST folks I want snooping around on my hard drive! Remember Microsoft Money? he he he )

------------------
Andy Tuttle
"Life is too important to be taken seriously" (with thanks to Oscar Wilde)

[This message has been edited by Darth (edited 01-24-99).]

Well, I have thoroughly enjoyed ready this thread...sorry to have come in late..but better late than never...

It's great to see that you have succeeded in getting your problem solved. Most of these sites are actually having to fight to stay up...so they are being put on the defensive side of this war...unlike about a year or so when they had the right...

I noticed Submit Wolf software was having a huge problem with this and they were able to solve their problems with strick password/username changes...not being a programmer I don't know the techno jargon..but I do know someone that tried using the serial number from the Serialz site and received a message that their email address was being reported to the Submit Wolf company and will continue to do so every time the software was used with the illegal username/password. He quit using that right away for fear of retribution. You might want to contact them to see what they did.

It's hard getting around the crackz, serialz, warez and appz because there is always going to be that hacker that wants to do just to see if he/she can. I've met a few professional hackers and the challenge is an adrenaline rush for them...doesn't matter whether it's legal or not...

That's my late news on the subject... http://www.aota.net/ubb/smile.gif



------------------
Elizabeth M. Miller
Getting You the Attention You Deserve!
www.123marketing.com (http://www.123marketing.com)

I used this thread to help spread the word.... NO to Cracks !

...long (and boring story) I belong to a 'game' network. Twelve sites banded together to sell ads and cross promote each other.

Well, yesterday a site applied to join our little network. This site get 3 million views a month and would have brought us some great attention and new viewers... The problem is they serve up CD cracks. (and other things)

I immediatly voted NO and used this thread as an example of how cracks are harmful and indeed frowned upon.

After reading this thread, (and soul searching) the group also voted no.

You provided a ton of food for thought

Good Luck,
Dean

Now that's cool http://www.aota.net/ubb/smile.gif

--------

On another related note, there's a discussion board at RegNow, the company that authorizes my credit card orders, and there's been a lot of talk about cracking. One programmer said he had a "Solution" that does encryption, compression, and all kinds of security checks. So the EXE can't be cracked. He claims that it is crack proof, and is very misleading.

10 minutes after downloading it, I emailed him showing how easy it was to circumvent this "Protection" altogether. It makes a temp file in the program's folder - and guess what? It's the same size as the origional EXE. Renaming it to *.EXE and changing a few bytes (he turned a block of 00's into 58's (X) - find and replace) was all it took.

So the 64 bit encryption, pkzip based compression, CRC checks, all do no good. The thing cracks itself. It has to make the file in the same folder so that paths are good within the program, and the name of the temp file is VDJStudio.000.TMP for VDJStudio.exe, which is done because if your program needs the exe name it will show properly.

It ticks me off badly that there are quite a few programmers at RegNow that think his "Protection" is perfect, and they are using that as their only line of defense (not to mention paying this guy). I want so badly to post in RegNow's forum about it, but I don't want to be mean about it and make him lose money - but his users are losing more.

But if it took me less time to crack it than it took me to download the darn thing, a cracker would take longer to crack it because he'd he laughing too hard http://www.aota.net/ubb/frown.gif

I already have a new scheme that will be a *lot* harder to crack - only validating the reg # after the 30 minute limit, then deciding if we should exit or continue. Then every 10 minutes afterwords, just to be sure. There are a few other subtle tricks up my sleeve too, like certain program data will be dependant on the registration routine working, and the timer will do other things too that are vital to the program's operation.

Why bother encrypting, compressing, CRCing, and all that if you're just going to save a copy of the origional when the program is run? I was so mad I emailed him (was nice about it, though), deleted his stupid program, etc. Well, at least his site is on Tripod...

Oh, I ran this thing on Notepad first, and cracked it. Then I figured it would be harder on a bigger program, so I did it to VDJ (592 kb) and it was no harder at all.

Justin
-- What ever happened to the TV show "Fight Back"?--