Desperately seeking copy protection for OS/X


#1

I got a bug report from a user that my program didn't work on Mavericks.  I tried it out - and it seems as if it's the copy protection, as the unprotected version works fine on Mavericks but the protected one didn't.

Well, it seems as if that copy protection scheme (Armadillo for Mac) simply isn't being sold any more, and will never work for Mavericks.  So I tried the only other one I could find, ExeShield - their trial version didn't even generate anything that worked for 10.8, let alone 10.9.

I looked at the list of things you need to do to get into the Apple Store - http://www.juce.com/forum/topic/submitting-mac-app-store - and, well, I am not going to be able to pull this off in 2013 as a solo developer with other priorities, particularly since the Mac is a small part of our small revenue stream.

I see all this commercial audio software for Mac, that appears to be copy protected, so someone must be doing it - but I can't find anyone still offering it.

Any ideas?  I'm thinking of handrolling something.  But, god, it's not like I have the spare time... :-(


#2

iLok, you can have a license for about 1k usd and a few dollars per plug, just keep with the sales folks until they surrender.

There's also Cryptanium, really excellent software, but you still have to implement all the checking, etc, as that only encripts, obfuscates, make reverse engineering harder.

Cryptanium protects Cubase, and that baby has not been cracked, but i repeat you still have to protect your code, choose where, etc, because it generally creates mindf*ck code when reverse engineered.

Anything else will be cracked, piracy is good, they often become paid customers, and it's better that they use your products than your competition.

I have some RSA code which i implemented for some friends, that thing works in a certain degree as it can not be keygen, your products have to be cracked.

Seriously, nothing will work, unless iLock, cause thats almost rootkit, and actually those guys are quite helpful with the implementation, but when things go wrong, oh boy, they will go quiet.

However i heard from that Chaos guy, that he had a hard time with jules tracktor random silence method...

 


#3

I second iLok, aka Pace.  Their new system Eden doesn't actually require your customers to have an iLok and their new license manager application, iLok Manager, is great.


#4

But Pace charges PER plugin "flavor", I have been told. So if you want to release a plugin in VST2, RTAS and AAX format in 32/64 bit that amounts to a huge pile of money!


#5

That's not true.  You get charged to create a license type for a new plugin, (the aforementioned 1K), and you get charged a few dollars when you actually deposit a license to a user's account.  One license for a plugin will work on all the different plugin formats unless for some reason you set it up not to.  

But in any case I don't disagree that Pace will be too expensive / not worth it for some developers.  


#6

Thanks for correcting me! yes


#7

Thanks for all the information!

$1K... not entirely cheap.  The program which it replaces costs a small fraction of that.  And we don't sell that many.  And I wonder if it's a one-time license or I'd have to renew.

Their site is... weird.  It's all robots.txt-ed off so it doesn't show up at all in search engines and doesn't have any links to tell you how to buy it.  They don't show up in searches for Mac copy protection at all...

I am put off by the idea that they feel that they need to hide their terms from customers.

Cryptanium looks interesting but I'm not really sure how it would work to prevent copying without a license manager.  Plus, again, no hint at terms and conditions.

Nearly all our software has been sold for the PC (where InstallShield has been fairly good).  I'm frankly not even sure if we sold $1K worth, gross, of Mac product.

To be frank, my application is fairly marginal and not too expensive.  I'm thinking to only discourage casual copying, so I'm thinking still to do it myself, knowing that it will be hacked soon but not caring so much.


#8

....Juce actually offers quite a bit of its functionality for free...!


#9

I have one commercial bundle that is protected by a single challenge-response system, on first start user types

email address and a matching code. Email is displayed during startup, in theory with this matching email/code

pair it could be installed on a plurality of computers, and it probably is, but surprise, some people do buy it.

 

So maybe consider not all your customers are potential criminals, and not all pirated copies are lost sales,  don't 

punish your potential customers by dongles and awkward installation routines.  

 

Personally I don't consider buying anything that has a hardware dongle.

 

Stefan

 

 


#10

Hi

 

I am very much interested in your comment. How exactly Juce would replace Cryptanium ?

Does anyone know the price for the latter ?

Can you get the same level of code obfuscation and pvt keys protection with Juce ?
I am looking for such product or alternatives. Any suggestion ?

 

THX


#11

Could a combination of RSA and steganography be a solution ?

steganography could store "random" parts of a public key in the softwares images, making it harder for a cracker to replace it.  Randomize the way it's loaded and it could buy you some extra time..

 

as a sidenote PACE wanted $3k anually from me for a base annual license,  (2 months ago)