Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

FPSC Classic Product Chat / Software Protection Service

Author
Message
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 14:02
Link
Development Progress Status 50% complete.

I'm creating a software protection service, internet activated, multi-checking, trial period capable, in brief the idea is that a software developer sends in their software, it gets sent back encased in a security distribution wrapper along with a code.

They then access a website, activation serials are generated for their customers who register and pay for the product (I get a percentage of each sale, as yet undefined) the php/mysql/xml based website checks their computer if one of the multi-checks are tampered with their software will cease to function.

A software developer can void their access to his/her programme manually too, manually provide an activation if they wish and view basic customer tracking data.

Bear in mind I'm thinking of making this service for all kinds of software developers, not just those creating software for FPSC.

Q: Will this service be of use to those wanting to sell games?
A: Possibly, I'll see but that's not the main aim.

Q: Which payment processor will the system use?
A: Initially PayPal as I've goth that implemented, later others.

Q: What is the development status of this?
A: Around 50% complete.

Q: How secure will this be?
A: More so than any existing system, that's the intention.

Questions/ideas welcome.
Back to top
Profile PM Email
Silvester
18
Years of Service
User Offline
Joined: 7th Dec 2005
Location: Netherlands
Posted: 24th Mar 2007 15:14
Link
Intresting,but can you proof what you say?

Back to top
Profile PM Email
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 15:24
Link
Quote: "Intresting,but can you proof what you say?"


In what respect do you mean precisely?
Back to top
Profile PM Email
Silvester
18
Years of Service
User Offline
Joined: 7th Dec 2005
Location: Netherlands
Posted: 24th Mar 2007 15:42
Link
Even better,it was never made.

Back to top
Profile PM Email
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 15:52
Link
Oh I see yeah that sucks, more than a toothless hag nodoubt...

Let's get something straight, I'm not depending upon this community to be its customers, the thread can be locked for all I care, if it's not then that's fine too.

This is 50% complete (roughly) there is no cinema release yet. A screenshot of the files this project has so far is attached.

I'll post more as soon as I have something interesting to show, if I say I'm going to create a piece of software I always do it, might not be exactly how I first describe, it's usually better, but developed it gets.

Attachments

Login to view attachments
Back to top
Profile PM Email
Silvester
18
Years of Service
User Offline
Joined: 7th Dec 2005
Location: Netherlands
Posted: 24th Mar 2007 15:56
Link
cant you uplaod them and show us the pages?

That is more proofing,as every fool can make some files and folders

Back to top
Profile PM Email
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 16:05
Link
Quote: "cant you uplaod them and show us the pages?"


1/ The website side is not complete and functional yet.

2/ And this is a laugh, I don't have access to my website until I find the file where I stored the URL's and passwords etc to the cPanel, I've not used my server for more than six months or so.

Quote: "That is more proofing,as every fool can make some files and folders"


I doubt as quick as I replied to you with that screenshot.

Like I said let the thread be locked, I'll never post about the project here again.

I wanted ideas, opinions, reasonable questions not judgement as to whether I'm a hoaxer.
Back to top
Profile PM Email
SamHH
17
Years of Service
User Offline
Joined: 9th Dec 2006
Location: Vermont
Posted: 24th Mar 2007 16:09
Link
you could do a thing that was a file that was $0 and then just see if people can use the key that they get twice?
Back to top
Profile PM Email Website
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 16:18 Edited at: 24th Mar 2007 16:35
Link
Quote: "you could do a thing that was a file that was $0 and then just see if people can use the key that they get twice?"


That won't be possible for them to do that due to various checks made. One payment will mean one licensed copy on one computer only, if they want a copy for a laptop for example then they would have to purchase a second license or the software developer could manually approve a second activation.

Also reselling of activation keys on eBay or sharing passwords/keys or generating keys using illegal generators will be eliminated.
Back to top
Profile PM Email
Silvester
18
Years of Service
User Offline
Joined: 7th Dec 2005
Location: Netherlands
Posted: 24th Mar 2007 16:28
Link
I could give you an FTP acces to a part of my site,but only if you realy need it.

Back to top
Profile PM Email
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 16:31
Link
UPDATE: I just located my server details, so will work on progressing with the web side of it over the next few days, I'll then either post screenshots or links.
Back to top
Profile PM Email
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 16:34
Link
Quote: "I could give you an FTP acces to a part of my site,but only if you realy need it."


Just missed your post Prince Of Darkness. I won't need it thank you though, appreciated.
Back to top
Profile PM Email
alex 1337
User Banned
Posted: 24th Mar 2007 18:50
Link
Wow I think this is an excellent idea
Back to top
Profile
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 20:51
Link
Quote: "Wow I think this is an excellent idea"


Should be popular with some software developers anyway.
Back to top
Profile PM Email
Steve J
18
Years of Service
User Offline
Joined: 22nd Apr 2006
Location: Vancouver, Washington
Posted: 24th Mar 2007 21:42
Link
Good work it looks like. Are you using 1NF sql, or 2NF, or 3NF? For such a product, I would assume 3NF. Also how will you be stopping injections and cross site attacks? It looks modular as is a lot of my php works, but it could also simply be sparsely laid out into a variety of folders. Once you set it up I will try and find security issues with it, if it is fine with you. Also how are you protecting the user data? I assume double MD5, so even if the database is cracked the cracker will have to spend months to get any data.

pleading and needing and bleeding and breeding and feeding exceeding..where is everybody? trying and lying defying denying crying and dying..where is everybody?
Back to top
Profile PM Email Website
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 24th Mar 2007 22:23
Link
@ Steve, 3NF, sacrafice a bit of speed for extra security so double MD5. I don't want to go into ideas for preventing injections or cross site attacks as I think the less discussed about the inner workings the more secure it will be.

I will e-mail you privately after I've cooked and had dinner, if you don't mind?
Back to top
Profile PM Email
Steve J
18
Years of Service
User Offline
Joined: 22nd Apr 2006
Location: Vancouver, Washington
Posted: 24th Mar 2007 22:29
Link
Sure. I dont think the double MD5 will sacrifice too much speed though, as most of the workings of it will be either during purchases when nobody cares, or during logins when it wont be the main bottleneck (Server side MD5 is usually fast, the main bottleneck is mySQL). 3NF meanwhile will cause bottlenecks from the labors of having to make so many writes to the db, but dont fear, the security of it is good. It makes it easier to organize in the end, and harder for crackers to steal information, because it is all over the place. And you are partly right on the inner workings, but sites are still hacked that nobody knows about the inner workings, remember that!

pleading and needing and bleeding and breeding and feeding exceeding..where is everybody? trying and lying defying denying crying and dying..where is everybody?
Back to top
Profile PM Email Website
Jeremiah
18
Years of Service
User Offline
Joined: 9th Sep 2006
Location:
Posted: 25th Mar 2007 04:14
Link
How much are you offering to people to test it out and to test it's capabilities to make sure it is crack proof protection?
Back to top
Profile PM
Steve J
18
Years of Service
User Offline
Joined: 22nd Apr 2006
Location: Vancouver, Washington
Posted: 25th Mar 2007 04:14 Edited at: 25th Mar 2007 04:32
Link
Just to let everyone know, me and Komet have decided to team up. We already have the VB backend to protect the EXE working, with an advanced hardware detection set which leaves many marks for if you want to have a trial period.

The PHP frontend is stable, but I will spend a few weeks making it efficient and have a nice design. We also have a name for this software.






Now Most likely the system will have several "castes".

There will be the "Bedroom Game Maker" type caste, where the end user will be able to sell the game for $0-10, and it will get medium priority on the server stack for activation speeds, so if someone from a higher rank is activating, it will process that first and yours second. The interest rate will for most likely 60 days be somewhere between 3%-10%, while after this it will be based on sales volume.

The second Caste will be the "I used some custom media, and have good level design skills" type cast, where cost can be from $5-15, and you get high priority. Your activation will come before medium priority, but not the highest on the server. The interest will most likely be based somewhere between 2-7% first 60 days, then based on sales volume.

The third caste will be "Good Game Maker" type caste, with a range from $10-20. You will have Highest priority on the server, and users will activate before all else. The interest will be around 1-5% the first 60 days, then based on sales volume.

The final caste is basically the "Veteran" Designer. You can sell your product for anything you wish, and you get highest priority. You will have a set interest rate, not defined right now.

I think with me on board we will most likely make a selling the game system. I would *like* to see this come into a publisher type system, but I will not say this is what it will become=). We have not discussed the cost for using the system yet, but I would hope it ranges $10-50 for the use in your games.

Thats pretty much it.

pleading and needing and bleeding and breeding and feeding exceeding..where is everybody? trying and lying defying denying crying and dying..where is everybody?

Attachments

Login to view attachments
Back to top
Profile PM Email Website
Candle_
18
Years of Service
User Offline
Joined: 29th May 2006
Location: kindergarten
Posted: 25th Mar 2007 05:36
Link
quite reasonable.

My Web site Deveron Murder MysteryGame Mikes Room

Back to top
Profile PM Email Website
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 25th Mar 2007 07:11
Link
Just to confirm and clarify a few things. Indeed myself and Steve have teamed up to complete this software project and over the next few days he will be able to inspect indepth the code of the backend and frontend that I already have, from there he and I will discuss the changes that need to be made to turn it into a secure service, it was not originally intended to be a service but this is the way to go I believe.

Some of the things Steve mentioned in his post above may possibly change, we will keep the Citadel name that the software already had. The several "castes" idea is something we certainly need to look into so long as it does not become needlessly too complex for users and offers a fair service to all developers.

Once the software is ready for testing as a service we will do that ourselves, the tests will be intensive checking both performance and security aspects.
Back to top
Profile PM Email
Steve J
18
Years of Service
User Offline
Joined: 22nd Apr 2006
Location: Vancouver, Washington
Posted: 25th Mar 2007 08:38
Link
Yes sorry to clarify, but me and Komet had not discussed the Caste Idea in private, but as I was gone for a few hours I thought that he would accept it, as it personally seemed to be a quite reasonable idea.


I dont believe the complexity will be a large issue=)

pleading and needing and bleeding and breeding and feeding exceeding..where is everybody? trying and lying defying denying crying and dying..where is everybody?
Back to top
Profile PM Email Website
the_winch
21
Years of Service
User Offline
Joined: 1st Feb 2003
Location: Oxford, UK
Posted: 25th Mar 2007 16:33
Link
Quote: "How much are you offering to people to test it out and to test it's capabilities to make sure it is crack proof protection?"


It won't be crack proof, it almost certainly won't even be difficult. It's the nature of fpsc exes, they need to load all data unencrypted from disk. Work out where the data is extracted and you have the game without the protection.

If I was trying to make money from fpsc users the last place I would try is a percentage on sales. You might get a couple of games a year that sell a dozen copies if you are really lucky. Very few users make anything that is worth downloading for free.

By way of demonstration, he emitted a batlike squeak that was indeed bothersome.
Back to top
Profile PM Website
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 25th Mar 2007 16:56
Link
Quote: "It won't be crack proof, it almost certainly won't even be difficult. It's the nature of fpsc exes, they need to load all data unencrypted from disk. Work out where the data is extracted and you have the game without the protection."


Rest assured we won't be making the service available unless and until it is the most secure system available, with respect, as you have never examined the code you can but speculate as to what degree of protection it will offer.

As previously mentioned it's aimed at actual software developers, if game developers make use of the service, cool.

Quote: "If I was trying to make money from fpsc users the last place I would try is a percentage on sales. You might get a couple of games a year that sell a dozen copies if you are really lucky. Very few users make anything that is worth downloading for free."


A very good point and I thank you for that, as far as creators of FPSC games goes, myself and Steve have not actually discussed sales strategies to any meaningful degree yet, but we will and my intention is to provide an excellent service and also a profit.
Back to top
Profile PM Email
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 25th Mar 2007 17:11
Link
Quote: "How much are you offering to people to test it out and to test it's capabilities to make sure it is crack proof protection?"


I don't see why we should offer anything to test it when we can do that ourselves and probably better. Nodoubt there will be attempts to access the server we will host our service on, if they are undetected fine, if we catch them then they may find their local police banging on their door one morning, and yes pressing charges is a must. Just wanted to clear that up.
Back to top
Profile PM Email
xplosys
18
Years of Service
User Offline
Joined: 5th Jan 2006
Playing: FPSC Multiplayer Games
Posted: 25th Mar 2007 17:31
Link
Software protection is absolutely a must. The first step I think is as you are doing, in creating some kind of secure activation scheme. This will help to keep the honest person honest, but as we already know, is never even close to 100% foolproof. The estimated numbers for percentage of pirated software and it's cost to giants such as Microsoft is staggering.

Quote: "Software piracy resulted in a loss of $34 billion worldwide in 2005, a $1.6 billion increase over 2004, according to a study commissioned by the Business Software Alliance.

The study, conducted by information-technology research firm IDC, found that roughly one out of every three copies of personal computing software installed in 2005 was pirated. While the rate of piracy has fluctuated from country to country, globally it has remained steady since 2004. news.zdnet.com

"


See http://www.bsa.org/usa/ for more info.

Because of the nature of software, in that it is fixed once coded and capable of reproduction, it has no defense when someone copies, downloads, hacks, reverse engineers, etc. Even Microsoft is not capable of preventing piracy at an estimate of over 25% of business software being used illegally to the tune of billions of dollar losses.

By the time a new system is devised to thwart hackers and pirates, it is already countered by the bigger pirating industry. The only real defense, as discovered by the largest software developers today, is people. Unlike software that is written and fixed, people can immediately adapt to the ever changing methods of piracy.

It is my belief, that what is needed is a service which constantly watches the web and other avenues for the sale of it's clients software in an illegal manner or venue, and actively peruses and closes those venues. On a large scale, this has many implications and could be a lucrative and effective deterrent, as well as a way to recoup some of the losses from the larger pirate operations. On a smaller scale, we could all keep an eye out for each others software and report infractions to the ISP's and other authorities.

Best.

I'm sorry, my answers are limited. You must ask the right question.

Back to top
Profile PM
Steve J
18
Years of Service
User Offline
Joined: 22nd Apr 2006
Location: Vancouver, Washington
Posted: 25th Mar 2007 20:55
Link
@xplosys I agree to a degree, but then can you really trust the people? Yes they adapt. That is the point, with the Pirating community so large, the majority of internet users pirate, does that mean that you can trust them all?

pleading and needing and bleeding and breeding and feeding exceeding..where is everybody? trying and lying defying denying crying and dying..where is everybody?
Back to top
Profile PM Email Website
Silvester
18
Years of Service
User Offline
Joined: 7th Dec 2005
Location: Netherlands
Posted: 25th Mar 2007 22:41
Link
Quote: "information-technology research firm IDC"


Information-Technonology Research I Dont Care?

Bad people they are,bad.

Back to top
Profile PM Email
Komet
19
Years of Service
User Offline
Joined: 24th Aug 2005
Location:
Posted: 25th Mar 2007 23:18 Edited at: 25th Mar 2007 23:22
Link
xplosys, I too have to agree with some of what you posted/quoted.

The rumour is that M$ gave up on catching pirates a longtime ago and that their main concentration on that front is threatening businesses that use their software illegally.

It's the multiple business licensing area where they make the most money. Most home users get their OS pre-installed, when they want to upgrade they get a cracked version is what it seems like.

Many companies in the UK are a joke when it comes to buying software like anti-virus, I've lost count of the number of times I've gone into a business and found their anti-virus two years out of date, their systems crawling with viri and trojans and warning messages flashing up upon booting that the anti-virus trial has expired

Yeah, they don't want to buy unless they absolutely need to, funny thing is they will splash out on less important software.

The world is too disunited to make a joint crackdown on piracy, and as Steve said, a lot of internet users are pirates or indirectly supporting it, that latest bit of software out, some cool music, or in the case of game creators... 3DMax etc.

How can the average man afford $3000 worth of software? How can a schoolkid who is a whizz at model making?

So yeah anything to hinder the piracy of a developers software would be welcome by developers, we aim to try our best.
Back to top
Profile PM Email
xplosys
18
Years of Service
User Offline
Joined: 5th Jan 2006
Playing: FPSC Multiplayer Games
Posted: 26th Mar 2007 02:56 Edited at: 26th Mar 2007 02:58
Link
Quote: "the majority of internet users pirate, does that mean that you can trust them all?"


That's not what I said. I was talking about using a "service" (made up of people of course) which would seek out and destroy pirates for it's clients and their software, not just trusting everyone to do the right thing. lol

Best.

I'm sorry, my answers are limited. You must ask the right question.

Back to top
Profile PM
Jeremiah
18
Years of Service
User Offline
Joined: 9th Sep 2006
Location:
Posted: 26th Mar 2007 04:14
Link
That would make a great business Idea, take on clients who want to stop piracy. Your business model would be that you go out and find all crack sites featuring your clients software and find a way to make the host or the ISP shut down the sites.
Back to top
Profile PM
Back to top

Login to post a reply

Server time is: 2024-11-26 09:30:48
Your offset time is: 2024-11-26 09:30:48