We all look forward to your contribution of a usable, bullet-proof, uncrackable licensing scheme (with source) for shareware developers to use. After your critical analysis of Aquatic Prime, you now know of at least one way that it shouldn't be done. Good luck and godspeed.
schwa
· 3 years ago
Because after pointing out a bug in an existing system it is now obviously my responsible to create a replacement for that system.
Mark Grimes
· 3 years ago
"Any scheme accessed via Cocoa calls is vulnerable to attack via an InputManager" and Public-key encryption systems may be especially vulnerable to replacement of the public key, unless it is obfuscated throughout the entire app" which are clearly documented in discussion on CocoaDev:MakingSecureRegistrationCodes shouldn't be the first time these guys have heard this.
I'm quite surprised you are getting such a reaction. While you've taking the time to 'prove it' and point at a specific product, none of this is new. I suppose this is hush flame as we already know but if you blog about it people will discover these deep dark secrets that already sit on other public websites :/
I'm not watching your thread, but I'm sure it is the implementors that have banked on this scheme that are seeing red as it COULD affect their financials. However I'm sure we all know that if someone is going to go to the trouble to write a SIMBL/InputManager plugin to runtime circumvent your registration scheme, they probably won't be ponying up for a license anyway. Most pirates take the use it for free or don't use it at all mentality.
All Comments
We all look forward to your contribution of a usable, bullet-proof, uncrackable licensing scheme
(with source) for shareware developers to use. After your critical analysis of Aquatic Prime, you
now know of at least one way that it shouldn't be done. Good luck and godspeed.
Public-key encryption systems may be especially vulnerable to replacement of the public key,
unless it is obfuscated throughout the entire app" which are clearly documented in discussion on CocoaDev:MakingSecureRegistrationCodes shouldn't be the first time these guys have heard this.
I'm quite surprised you are getting such a reaction. While you've taking the time to 'prove it'
and point at a specific product, none of this is new. I suppose this is hush flame as we already know
but if you blog about it people will discover these deep dark secrets that already sit on other public
websites :/
I'm not watching your thread, but I'm sure it is the implementors that have banked on this scheme
that are seeing red as it COULD affect their financials. However I'm sure we all know that if someone
is going to go to the trouble to write a SIMBL/InputManager plugin to runtime circumvent your registration
scheme, they probably won't be ponying up for a license anyway. Most pirates take the use it for free
or don't use it at all mentality.
Otherwise MethodSwizzling is cool and fun :)