15

It's a topic that interests everyone. How can I protect my software against stealing, hacking, reverse engineering?

I was thinking: Do my best to protect the program for reverse engineering. Then people will crack it and seed it with torrents. Then I download my own cracked software with a torrent with my own torrent-software. My own torrent-software has then to seed incorrect data (bytes). Of course it has to seed critical bytes.

So people who want to steal my software download my wrong bytes. Just those bytes that are important to startup, saving and loading data, etc... So if the stealer download from me (and seed it later) the stealer can't do anything with it, because it is broken.

Is this idea relevant? Maybe, good torrent-clients check hashes from more peers to check if the packages (containing my broken bytes) I want to seed are correct or not?

Peter Mortensen
  • 12,326
Martijn Courteaux
  • 335

6 Answers6

43

Their torrent app (the pirates) will simply discard the bytes you are seeding as bad due to CRC checks. Then you will get banned by that IP for being a repeat offender.

graham.reeds
  • 288
10

Q. Can I protect my software by sending wrong bytes?
A. No, it can be hacked around anyway, especially if someone gets their hands on a legit copy.

Q. How can I protect my software against stealing, hacking, reverse engineering?
A. Sell it for a fair price, this will undermine attempts to hack.

8

I'd suggest to approach the problem from the other end. Embed a unique identification code into each copy of your software that you give to your clients. In case somebody is seeding, you can at least identify who did it and take legal actions.

8

Does DRM work? No. Does setting up bad BitTorrent/EDonkey2000 stuff work? No. Does anyone care about pirating your little application? No. Nobody has ever heard of it.

Warren P
  • 3,019
4

bittorent and most other good p2p software protects itself from such kind manipulation by using file hashes, e.g. md5.

cody
  • 599
2

t's a topic that everyone interests. How can I protect my software against stealing, hacking, reverse engineering?

The only way (I can think of) to do it is to run software completely on your server, and have no useful code in client application - because if you can't get it, you can't (easily) crack it. This way you'll have control over accounts and you'll know who uses your application. Users won't be happy, though. And if you'll only run copy-protection-related code on your server, someone will hack it by writing server emulator OR they'll identify code and bypass protection completely. As it happened with new Ubisoft copy-protection scheme.

Keeping software on server isn't completely bulletproof. Instead of cracking the software, someone will start attacking your server in order to break in and to get software. And there is always "social engineering" security holes. "keep everything on server" will work best if your software cannot be run on normal machine (i.e. it requires supercomputer or computer cluster). A good example of this is EVE Online - unlike WOW and Lineage there are no server emulators I know of, because it requires computer cluster to run the server.

My own torrent-software has then to seed incorrect data (bytes). Of course it has to seed critical bytes.

  1. If you'll try to "hijack" existing torrent, any sane client will report CRC errors and ignore your client. All p2p software uses hashes.
  2. If you upload "wrong" torrent, another user will report your torrent as fake, so no one will download it.

stealer

"Pirate", because it is called copyright infringement.

SigTerm
  • 153