[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lock for TS2000i code ?



PureBytes Links

Trading Reference Links

> The only totally secure solution is to code all your systems and
> studies in .dll's and then provide your own security block. 

That's a bit of a pain, but it would probably be reasonably secure.

If someone *really* wanted to crack your code, they could reverse-
compile the code in the DLL and figure it out from there -- including 
disabling your security block test.  It's not that hard for a serious 
cracker.

The most secure solution I'm aware of is the DiamondLock product from 
Doug Deming &crew.  Warning:  this is NOT for the faint of heart.  
You have to remove some of your code and replace it with DiamondLock 
code to implement the same functionality.  The DL code, which must be 
hand-generated, is extremely low-level and obtuse.  You basically 
have to manually create machine-level code to implement the piece of 
functionality you're locking.  It's painful, slow, and error-prone.

But if you're really worried about getting your code stolen, it's 
probably the most secure way to do it.  The machine code that you 
create is encoded so that it would be nearly impossible to reverse-
compile it.  Since it's so difficult to create the machine code, it's 
not practical to encode your entire system, but you can encode 
critical portions.

And as part of the bargain, DL also locks the code to a specified 
machine, for a specified period of time.  You don't have to provide a 
security block or any of those hassles -- just have your customers 
run a utility to generate a unique system ID for the systems they 
want to license.

Gary