1

I am trying to make a code hard to crack using Objective-C on a Mac.

One of the things I have to do is to check to see if the application was cracked.

I am new to Objective-C and Xcode and whatever way I imagine to test my application I always end in a basic test that can be patched easily.

For example: suppose I am about to test for the existence of a given value in a certain part of the binary. That operation will be something like:

"is this value = x?" if NO, it is cracked.

This is very easy to crack. The hacker can easily patch the test and make it be true always.

I am trying to imagine something that could test something, not appearing as a test that can be easily patched.

I know I cannot stop 100% piracy, but at least I am trying to make things more difficult, to discourage most part of crackers out there.

Any ideas of ways stuff like this can be done without and turns things difficult for someone looking at the binary?

thanks for any help.

nall
  • 15,899
  • 4
  • 61
  • 65
Duck
  • 34,902
  • 47
  • 248
  • 470
  • 2
    If Apple cannot even successfully stop people from cracking the iPhone, there isn't that much hope for one single developer to achieve this. – orokusaki May 12 '10 at 19:21
  • This reminds me of a saying: "Fighting against Crackers is like mud-wrestling a pig. You both get dirty, but the pig loves it.". Apologies to the US Navy, where I think that quote comes from. – Warren P Sep 17 '10 at 12:51

5 Answers5

11

Unless your software is security related, I think a better approach would to change your licensing plan to make the software free for home users that barely use the software and expensive for organizations.

Organizations rarely use cracked software, due to the legal issues, where as home users that are occasional users don't like to spend $100s for using the software once in a while.

This would take away the motivation of crackers to crack the software.

Danny Varod
  • 17,324
  • 5
  • 69
  • 111
  • 4
    Another thing to consider, if people like using the free software at home, they'll ask for it to be purchased at work. – Danny Varod Oct 17 '09 at 02:13
  • Crackers crack software for the hell of it. – Chuck Oct 17 '09 at 06:07
  • 1
    Agreed. Getting into an arms race with full-time crackers would require becoming a full-time, foremost security expert. Even then, your software would stay uncracked for a month after release at best. If it's popular enough, that is --- which is unlikely to happen if you spend all your time on protection schemes. Most software protection gets in the way of real users, too. – Lee B Oct 17 '09 at 11:26
  • 1
    @nickf: The whole premise of this answer is wrong. Small- to medium-sized businesses are some of the biggest copyright infringers on the planet (most big software companies put more effort into stopping that than home piracy), and the idea that having a free version reduces the motivation to crack is wrong. Well, unless by "free for home users" you mean "nobody is forced to pay, but businesses users can do so if they're feeling especially generous today." – Chuck Oct 18 '09 at 10:11
  • NOt appropriate for iphone or mac os x. – Warren P Aug 30 '10 at 17:06
  • @Warren P: I have seen similar models for Android phones - basic app free, business related features require paying. – Danny Varod Sep 16 '10 at 21:16
  • I don't believe, however that the original guy asking the question asked about Windows or Android. He's asking about Objective-C, in some form. He doesn't state iphone or desktop, but from his question, it seems iPhone. – Warren P Sep 17 '10 at 12:49
8

Don't. Remember, (good) crackers crack software for fun. The more elaborate your protection scheme is, the more challenging and fun it will be for the cracker. Plus, people who are likely to use your software illegally are not going to pay for it anyway, even if they can't get a cracked version. Your time will be better spent making your product better.

Having said that, you can deter most amateur crackers by stripping your executable of debugging symbols. You'll have to enable this in project preferences.

svintus
  • 1,562
  • 2
  • 18
  • 22
5

All really strong protection schemes I'm aware of use self-modifying code extensively, one way or another. However, this is definitely not something a beginner programmer should be prepared to handle.

Pavel Minaev
  • 99,783
  • 25
  • 219
  • 289
2

Make it hard for them to evaluate your scheme, and change your scheme regularly. A textbook example is to perform the check at odd intervals which will be time consuming for them to locate the sources of your checks and all cross references during the progress of the license evaluation. Combine that with multiple checks and you should be set for most releases, just add a good dose of creativity when creating your scheme. Also, it's a bit fun to play their game; to get them to release a crack that fails 1 month after the crack is posted... ok, that may just backfire on you, but if you are trying hard to fight them in the first place...

It's an interesting community; if you're new to this, studying the communities will also be beneficial. As previously mentioned, cracks happen for challenge, some product versions will simplify their copy protection scheme for 'free advertising'. So... you can't really fight cracking too hard because if somebody is determined, it will just waste your time and frustrate you. Observing the culture can be interesting. You're probably in the best position if you acknowledge that it being cracked equates to 'popular software', and therefore, you should be happy. You should generally not lose much sleep over this (though there are of course exceptions to this). Furthermore, as this question is listed in the Mac category: I am not going to dig up stats, but your software is less likely to receive attention from crackers if you're targeting OS X.

If you're a beginning programmer, clever use of that information (and acceptance) may be all you need to know to effectively fight crackers.

justin
  • 104,054
  • 14
  • 179
  • 226
1

One danger is that if you go to overly great lengths, you may end up breaking things for legitimate users. A number of Atari's arcade machines in the 1980's had code which would do various interesting things if it detected that the ROM was altered. The effects would be subtle; for example, a game called Tempest would award unlimited free games if the game ended when a player had certain score values. In the release ROM of Tempest, however, the checksum was calculated incorrectly, so all machines had this behavior. I'm not sure to what extent this bug affected earnings in fielded machines, but I would imagine some operators would have been rather upset upon discovering it.

supercat
  • 77,689
  • 9
  • 166
  • 211
  • It was a calamity for Atari. They had to burn new roms for all thousands of machines already in the field! – Dave Oct 15 '18 at 14:52
  • @Dave: What fraction of machines were updated? Is there any way for a player to distinguish updated and original machines? – supercat Oct 15 '18 at 14:59
  • I'd say any machines that stayed in arcades were updated. My own machine was a kid's dorm room machine so it was not. You can tell by the piece of metal below the marquee where you can set quarters - it's different on version 2 machines, but I don't have a photo! – Dave Oct 17 '18 at 15:08
  • @Dave: I've seen the (IIRC) "46" behavior (select any level at startup) demonstrated on an arcade machine back in the day, and I've encountered a machine in a restaurant location stuck on 31 credits (I'd guess from the same bug) many years later. If I were any good, I'd test the machine at Galloping Ghost. Did the change affect anything else that would be relevant to gameplay and world records? – supercat Oct 17 '18 at 15:11