CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 8 of 8
  1. #1
    Join Date
    Jun 2012
    Location
    UAE
    Posts
    62

    The Best Books to Learn how to protect the softwares - C/C++ WinAPI32 Programming

    I would like to Know the Best Books that can teach how to protect the softwares. in other words how by writing C/C++ WinAPI32 I can protect my program.

    I see some programs are using dongles /HASP/KeyLock
    and others using a serial Numbers ..

    But I can not find the basics of these Issues.

    So I hope , to get some Books - to Be Simple not complex to explain all these concepts.

    I expect some books to be same as Charlez Petzold that Expalin the GUI for Win32API programming.

  2. #2
    Join Date
    Jul 2005
    Location
    Netherlands
    Posts
    2,042

    Re: The Best Books to Learn how to protect the softwares - C/C++ WinAPI32 Programming

    Cheers, D Drmmr

    Please put [code][/code] tags around your code to preserve indentation and make it more readable.

    As long as man ascribes to himself what is merely a posibility, he will not work for the attainment of it. - P. D. Ouspensky

  3. #3
    Join Date
    Jun 2012
    Location
    UAE
    Posts
    62

    Re: The Best Books to Learn how to protect the softwares - C/C++ WinAPI32 Programming

    D_Drmmr,

    Many Thanks for your answer,

    May I expect to get any PDF Document and/or Book to help in this issue.

    My Best Regards

  4. #4
    2kaud's Avatar
    2kaud is offline Super Moderator Power Poster
    Join Date
    Dec 2012
    Location
    England
    Posts
    7,822

    Re: The Best Books to Learn how to protect the softwares - C/C++ WinAPI32 Programming

    All advice is offered in good faith only. All my code is tested (unless stated explicitly otherwise) with the latest version of Microsoft Visual Studio (using the supported features of the latest standard) and is offered as examples only - not as production quality. I cannot offer advice regarding any other c/c++ compiler/IDE or incompatibilities with VS. You are ultimately responsible for the effects of your programs and the integrity of the machines they run on. Anything I post, code snippets, advice, etc is licensed as Public Domain https://creativecommons.org/publicdomain/zero/1.0/ and can be used without reference or acknowledgement. Also note that I only provide advice and guidance via the forums - and not via private messages!

    C++23 Compiler: Microsoft VS2022 (17.6.5)

  5. #5
    Join Date
    Nov 2000
    Location
    Voronezh, Russia
    Posts
    6,620

    Re: The Best Books to Learn how to protect the softwares - C/C++ WinAPI32 Programming

    Quote Originally Posted by mecheil.edwar View Post
    I see some programs are using dongles /HASP/KeyLock
    and others using a serial Numbers ..
    And I can see a lot of those breached in less than a week after releasing. Maybe the books they learned were not the best? Or not even good?

    I expect some books to be same as Charlez Petzold that Expalin the GUI for Win32API programming.
    I strongly believe that code protection as well as other security aspects cannot be learned just by a fifty bucks book. All that stuff costs years and years of programming and gaining knowledge on how the things work. And how the things get broken/breached/circumvented of course.
    Last edited by Igor Vartanov; January 26th, 2014 at 11:40 AM.
    Best regards,
    Igor

  6. #6
    Join Date
    Apr 2000
    Location
    Belgium (Europe)
    Posts
    4,626

    Re: The Best Books to Learn how to protect the softwares - C/C++ WinAPI32 Programming

    Unless you are experienced at hacking... you have absolutely ZERO effective chance to stop a hacker from breaking whatever protection scheme you invent.

    In fact, it will likely take a hacker LESS time to break your software than it took you to write the protection in the first place.

    fact: generic solutions like libraries, and software protection tools have generick hacks. hackers have tools to break such generic solutions.

    Even hardware solutions with code stored on dongles and black-box code executed in dongles get broken (fairly rapidly).
    Even hardwired solutions, and solutions where the OS and the hardwire are in protected cooperation get broken (there's whole forums/threads about jailbroken iphones, ipads, x-boxes, PS3's and 4's).
    It typically takes the security team of said companies days to develop a new protection and it gets broken within hours of release.


    Long story short:
    * It's easy enough to make a simple protection to keep the "smart user" from doing unauthorized things.
    * You have zero chance against a dedicated hacker
    * hackers are rarely alone, if it's high profile enough for one, it'll get others interested as well. it becomes a challenge for them, they'll spend hours/days without payment just for the "I did it first" bragging rights.
    * Ask yourself... how likely is it that a dedicated hacker will try to break your software. Unless you're making something that sells thousands and thousands of copies... the answer is "not likely".

    Short answer: don't bother.

  7. #7
    Join Date
    Apr 2000
    Location
    Belgium (Europe)
    Posts
    4,626

    Re: The Best Books to Learn how to protect the softwares - C/C++ WinAPI32 Programming

    Quote Originally Posted by D_Drmmr View Post
    An interesting read for the uninitiated to get an idea of things...

    Not anywhere near thourough enough to get actual protection. Critical parts are flat out omited.

  8. #8
    Join Date
    Apr 2000
    Location
    Belgium (Europe)
    Posts
    4,626

    Re: The Best Books to Learn how to protect the softwares - C/C++ WinAPI32 Programming

    Quote Originally Posted by Igor Vartanov View Post
    I strongly believe that code protection as well as other security aspects cannot be learned just by a fifty bucks book. All that stuff costs years and years of programming and gaining knowledge on how the things work. And how the things get broken/breached/circumvented of course.
    true... trying to protect your software from abuse comes in many forms, and they don't all have the same type of solution. The problem is actually "really bad". There aren't a lot of books on the subject to begin with. The few there are range from "really bad" to "good, but impractical" to "just a ploy to sell product X" to "decent/good but outdated". This stuff evolves fast, and what's secure now isn't tomorrow. If you want to be up to spec, the only way is thouroughly immersing into the hacker community and actively follow their forums/blogs/feeds/...

    I give lectures on this very topic (protecting software), and I'm always amazed at the immense effort some of the devs go to try and protect something that I can "crack" within minutes during the lecture (unprepared). And I'm not even 'exceptionally' good at this. The Obvious pitfall is that they have an elaborate type verification, and fail to see that you can just short-cut the verification funtion to return "everything is ok" and circumvent everything.

    Many devs don't really understand how "unsafe" the PC hardware (well any computer hardware basically) inherently is. And base all their further assumptions on the fact that the PC/hardware is immutable.
    Many devs don't understand the interactions between "security", "authentication" and "encryption" enough to even get a concept right that might work (let alone properly implement it).
    Many devs don't understand how easy it is to just hook/reroute API calls.
    Many devs have never seen the kind of hardware/software tools "real" hackers have at their disposal.
    ...


    A simple registrationkey check will stop the "non programming savvy" advanced/smart user.
    Anything beyond that really requires an approach that has effects (code changes) throughout the entire code base. You can't get there with just a few simple checks up front.

    commercial protection: a lot of money for very little actual protection(yes, they'll claim otherwise, ofc they do, it's their livelyhood).
    Last edited by OReubens; January 27th, 2014 at 12:26 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  





Click Here to Expand Forum to Full Width

Featured