again on piracy: a very smart method to create retro-compatible serials and read them
January 25, 2010 by Andrea D'Intino · 3 Comments
HELLO WORLD
While looking for a solution to this keygen thingy, I started a thread on Joels on Software. One guy named Rui came out with a really smart concept, so smart and simple that we didn’t think of it first (here) and I tell my ideas about the benefits of such approach here. Then conversation goes on, I get moved and can’t help showing our love to our community: here. Of course I had to explain the concept using some capitalistic arguments, but I hope that the “love” comes out of my post 
. Well, before going further, please have a look at our previous posts on piracy here and here – just want to make sure that we absolutely don’t have bad feelings (nor we are frightened!) by pirates in any way 
The previous situation:
Our previous serials looked like this: 1-23T02-123456-7-890. Everything apart from the “T02″ was generated based on purchase reference number. The issue with that Tabbles was reading the whole serial at once, and since we used no trick/obfuscation at all, we knew that it would have been a trivial job for any hacker to reverse-engineer the code and write a keygen…
Our current approach:
Our current serial looks like this: 1-T02-123456-1-111122233334444555566667777888899990000. The main difference is that now Tabbles is reading only a part of it (that is: 1-T02-123456-1-1111) and the logic to read the rest of the serial is not in the code (it was commented out at compiling). Therefore Tabbles will accept a serial number looking like 1-T02-123456-1-111122233334444555566667777888899990000 but will only take into account the first part (1-T02-123456-1-1111) and ignore the following part (22233334444555566667777888899990000).
So here is the trick: assuming that a keygen can only be written by reverse engineering the functions that read the serial inside the app, the first keygen that will developed will only be able to generate the first part of the serial (1-T02-123456-1-1111) and it may as well append some randomly generated numbers afterwards – the current version of Tabbles would work just fine with it. Then, the next day we’d reply by releasing a new version of Tabbles that reads also another little chunk of the serial (say the “2222″) making the previous keygen useless with the current version… 
peace and love,
A.
Related posts:
- Weekly update 02->08 November – and how we (don’t) fight piracy
- space-efficiency -> rearranged file item
HELLO WORLD!
I'm one of the guys behind Tabbles.
Want more info? Check http://tabbles.net/about.html
Want even more info? Come and see us in the forum:
http://tabbles.net/forum/
:-D
Old idea. In reality cracker will just create another keygen and if/when he gets bored he will patch your app to accept any serial. Using obfuscator doesn’t matter because the reverse engineering is done at assembly level using kernel level debugger.
Anonymous:
sure, we know that. Our point is that beating piracy is not possible nor desirable, indeed in the days following the release of cracks for our app, we experienced a boost in visits and sales!
Our goal is:
1) have as many cracks/keygen for Tabbles as possible (as at the end of the day they drive traffic and help the page rank)
2) making it just a little bit hard for the average Joe to find a working keygen…
We’re actually thinking of releasing a “cracked” version ourselves
Andrea D’Intino´s last blog ..howto: tweetmeme and facebook share buttons aligned