General protectionPosted by lARP64Tech 2010-01-29 13:57:26It was mentioned many times already and it can not anymore be left unattended: software cracking needs treating without postponement. Let's learn why. A rival's program - if running under virtual execution-based systems such as Microsoft’s .NET or Sun’s Java platform - is really painless to decompile, probably rendering an advantage over the rival, but it is as well really painless to crack this kind of software created this way. Software piracy is not a local phenomenon, on the contrary it occurs on a global scale. Following are some fateful ciphers around cracking.
Risks of getting captured for computer data copying or other software piracy activities are not so high which makes that some individuals don't mind involvement in this variety of unlawful process. According to new academic surveys, 20-25% of all computer company revenue is ruined to plagiarism, which is around $15-$20 billion on a total $80 billion annually. Around 40 pct of all software programs used on computers have alive pirated variants or are pirated. Obviously, such pictures and attitude are blasting. Can something be done? Sure! So, software sellers are forced to behave themselves by preventing at the least, some of the losses.
Software protection techniques are far from simple though, nevertheless, supreme protection techniques do exist indeed. Because of readily disposable, many coders trust on third party applications or hardware systems for protection. Foremost, the developer should protect application registration routines as good as attainable.
Battling cracking is frequently realised by usage of a combined protection system solution. Total protection packages implement a high risk for all programs protected by this total package because the moment the appended registration routine is cracked, they are all crackable in the same way. The protection program offering a certifying procedure to the protected application is then called a total protection solution. Many people say though that developers must specify their own certification system, and next have their program protected by a commercial protector for the best protection overall.
Coders can do much for their software protection also, starting with programming their best possible shielded certification outline. This takes us to additional possibilities for programmers:
* Software verifies its registration status and validated functioning via online activation servers. Be aware that a lot of customers hate to get confronted with a non-working activation service, with problems due to deficiency of internet availability and with software that transmits extra data.
* Seperate download links for Trial and Full. The programmer has not included a couple key characteristics in a demo version, this returns plagiarism useless. The full version is installed after uninstallation of the demo or trial version for upgrading to the full program. Notice that hackers often find the official download link for the full version within minutes!
Additionally to what coders themselves should do to outwit cracking, there is also a choice in external tools to help combat cracking.
* Shielding code is added as a stub or wrapped around the protected software, this family is called the software based protectors. Protectors have found a universal use in the past and are really common in the shareware business. It exists really unskilled as well as really competent protectors: pick out sagely!
* Hardware lock: ties the software to a specific pc through software (it is software based though its name might make believe otherwise). Remark that hardware locking makes sure that a specific certification can not be utilised on multiple computers but is linked only to the unique pc it was purchased for. Priced reasonably, hardware lock protectors often fetch sound defensive capabilities against piracy but the negative point is they necessitate a new licensing for the developer who changes computers. Most frequently, the specific number of the sound card, processor, hard disk, graphics card etc are utilised for hardware locking. FYIO:
lARP64Pro is a hardware lock system.
* The most general hardware based locks are Dongle locks and USB Drive Locks. Both schemes have had success initially because of advanced protection facilities but suffered since because of some substantial disadvantages: price, missing availability of a port and misplacing of the hardware piece have lead to some problems. To activate the secured application, for instance through the connection to a USB port or a parallel port, the application expects the function of an external composition of hardware. Hardware based forms of hardware locking are surely not uncrackable but they are not often in the posession of crackers which causes that the guarded software is often left uncracked, so they are frequently reserved for very expensive software or for a package that only sells a couple copies every year.
General protectionPosted by lARP64Tech 2009-12-25 19:03:19The problem.
Sure you too are ignoring your software security! That is, unless you are one of the 0.1 percent of users who do read the End User License Agreement (EULA, also known as software license). Else, well, then you sign contracts blindfolded because that box full of legal mumbo-jumbo when you install a program... yes, it is a contract!
Software security wouldn't really be an issue, if all software licenses were simple agreements setting out reasonable terms of use. Unfortunately, most are lengthy texts with legal slang that leave those few who do read them bedeviled and thwarted. Some enclose terms to which the ordinary user would object if he acknowledged what he was agreeing to. For example, in extension to protection against cracking, many software licenses now contribute the software company the right to gather information about your computer and have it automatically sent to the software marketer. Some, in particular software licenses for freeware, hold clauses whereby you agree to the installation of added software you do not want, some of it conspicuous spyware or adware. As a result, one might assume that the freeware is to blame for all the bad things that have happened, however, isn't it the end user who doesn't read the legal material, who is to blame?
Either way, people do not read the EULA. When downloading and installing software, we are usually curious about what the new software will bring. That EULA is just one more thing to drop time on because it is usually not readable in a short amount of time, hence not read at all. But indeed, the next thought that then arises is: what have you agreed to when you clicked I agree?
Especially with freeware, there can be an even greater problem. Freeware is not always free. Sure, it is not free to reverse engineer, modify, or redistribute freeware, but there is also the kind of freeware that is disguised as adware or even as spyware.
An example.
Remember from about 5 years ago when Gator created a storm of protest. Its GAIN Publishing End User License Agreement stated the user was automatically agreeing with also installing the GAIN AdServer software when accepting the EULA. So, the software license gave the company permission to install software that collected certain identifiable information about web surfing and computer usage. This software came immediately along with the freeware and was installed in the same process. At the end, this resulted in a display of all types of ads on the user's computer.
Next the EULA mentioned that Gator even unauthorized the use of popular uninstallers for their own tools on which countless people trusted to remove this unwanted stuff from their machines. But also, users were prohibited from using devices like web monitoring programs or similar on the GAIN AdServer and its messages, thus eliminating all possible control. Obviously, such clauses are no longer related to software protection against cracking and were more than a bridge too far for many users.
So, if all is specified in the product's software license, then it is also what can help decide about what you want to have installed, or not! Indeed, especially the software balancing at the edge of legal boundaries will try to straighten out what is not completely right. And you guessed it correctly: that is most frequently revealed in the EULA.
Lawyers.
In lawyer terms, an End User License Agreement is a legal contract between a software application author and the software user. It is a license that grants the user the right to use a computer software in a specific and well determined way. Usually, a EULA specifies the number of computers a user can use the software on, that reverse engineering or cracking or any other form of illegal piracy is prohibited, and any legal rights they are forfeiting by agreeing to the EULA. The user is usually asked to check a button to accept the terms of the EULA, or is supposed consenting it by opening the shrink wrap on the application package, or even just by simply using the application. The user can refuse to enter into the agreement by returning the software product for a refund or by clicking I do not accept when prompted to accept the EULA during an install in which case the software installation is usually ended. By the way, for websites, the TOS (terms of service) is the legal counterpart from the End User License Agreement for software.
So far, all may seem quite normal, however, the software license is infamous for containing stealthy clauses maintaining preposterous restrictions on the behaviour of software users whilst providing the software developer or vendor with highly intruding powers. For example, Microsoft software licenses give the company the right to gather information about the user's system and its use and to provide this information to other organizations. They also grant Microsoft the right to make changes to the user's computer without requesting permission. Now, don't be mistaken by thinking this is a Microsoft-only affair, software licenses frequently have a clause that allows vendors to make changes to users' systems without asking or notifying the user.
Remark that adding the bad things to software have mostly happened with freeware, however, there seems a trend lately to shift those same bad habits towards shareware and trialware, yes also the terms of service of some well-known companies have been under fire.
Possibilities.
One might get the feeling that little can be done to fight a bad EULA or TOS. Well, that is not entirely true, recently there have been cases where popular services have changed their terms of service because of the user's aversion for a few too flagrant terms within them. Hence, complaining does work indeed!
An example is Facebook who changed its TOS back to the old one after people complained in mass that the terms of use suddenly said that Facebook kept all rights to the user's content, even if he deleted his account. Another example is Google's Chrome browser's terms of service which gave Google a non-exclusive right to display and distribute all content transmitted through the browser.
In fact, a basic idea behind the EULA is quite reasonable: to protect the vendor from software piracy. But the worry is that software licenses are getting more and more restricting all the time. e.g. Microsoft started in vista's EULA to prohibit the installment in virtual machines though this is exactly what researchers and reviewers are using all the time.
Recently, the trend to include more and more limitations on what users can do with the software they pay for becomes quite distressing. Certain license agreements now disallow users from releasing or publishing information about the functioning of the software. That effectively prevents reviewers as well as software security experts from reporting about their experiences with a specific piece of software. Such determinations are way past protection against illegal practices.
The solution.
It is attorney material but you may wonder whether these licenses are legal. According to lawyers though, most of them do hold up in court, the exception being if the text is not reasonably understandable. Another exception has to do with minors who are mostly liberated for the agreements made this way.
Either way, the fact that a EULA might not be lawfully enforceable is of little comfort because it is being enforced on you whether you like it or not. Once the program is installed on your PC, the damage is done and it doesn't even matter if the signed contract were legally invalid. Already simply by using the computer, the user is confirming his part of the contract.
Summary.
The primary idea behind the software license - creating a clear legal defense against illegal software piracy - has long been bypassed indeed. Well, be warned, a click of the computer mouse could produce a good deal of trouble. Hence, only one advice can be given: throw away that blindfold, do read the EULA, and that does not apply to freeware only!
General protectionPosted by lARP64Tech 2009-12-25 19:00:27What is Compression?
Compression is the conversion process of reducing the size of a file by encoding its data information, performed so that the data can be stored or transmitted more efficiently. This compression can be achieved on data but also on a special kind of data: the binary file. This binary file can be in the form of an executable or a dynamic link library (DLL) or any other kind of binary files. Either way, the result is a reduction in the number of bits and bytes, leading to a smaller file size. The size of the data in compressed form relative to its original size is known as the compression ratio. Ratios can differ big time depending on the algorithm used and depending on the nature of the file to be compressed.
Why compression?
It happens still too frequent to run out of disk space, even though modern PCs tend to be equipped with relatively large hard drives. A similar problem arises when sending or receiving files over the internet. It can take really long to send a big file and even extremely long on a slow connection. So what can be done to remedy? The answer is to compress the files so they take up less room and sending time.
How to use compression?
One way is to use programs that are specifically created to compress and decompress files. Once compressed, files mostly can not be used until they are decompressed again. Thus, compression is good for archival or for emailing. A well-known example of a compression technology is ZIP, a common standard for compressing data files. For binaries, this way is not possible because the compressed executable would loose all starting capabilities as it needs to be self-contained (see below how this is solved in binaries). Compression is also used in many cases without the user realizing it. A modem uses a form of compression when it sends and receives data. Another example is a graphic in JPEG format.
How does compression work?
When you have a file containing text, there can be repetitive single words, word combinations and phrases that use up far too much storage space to be productive. The same applies for binary files with repetitive bits and bytes. There can be media such as images whose data information occupies much more space than necessary. However, the document or file can be compressed to reduce this inefficiency electronically.
How to achieve compression?
Compression is done by using compression algorithms (formulae) that rearrange and reorganize data information so that it can be stored more economically. By encoding information, data can be stored using fewer bits. This is done by using a compression/decompression program that alters the structure of the data temporarily. Compression reduces information by using different and more efficient ways of representing the information. Methods may include simply removing spaces, using two characters to represent a string of repeated characters or substituting larger bit sequences by smaller ones. Certain compression algorithms go as far as to delete information completely to achieve a smaller file size. Depending on the algorithm used, files can be adequately reduced in regard to their original size.
Are there different systems?
If the inverse of compression, decompression, produces an exact replica of the original data then the compression is lossless. The other kind, the lossy compression, usually applied to image data, does not allow reproduction of an exact replica of the original image, but has a higher compression ratio. Thus lossy compression allows only an approximation of the original to be regenerated.
What is lossy compression?
Lossy compression reduces files by eliminating bits of data that hopefully are not necessary. MP3 is such a system, it relies on the way the brain interprets audio and uses various tricks to produce something which sounds almost the same but is actually missing as much as 90% of the data. Another lossy system is JPG. It is designed to provide high compression for images. For instance, in a picture containing a landscape with a blue sky, all the slightly different shades of green and blue are eliminated. The essential nature of the data is not lost because the basic colours are still present. Large portions of the picture will be equally colored, perhaps even whole lines or surfaces, but the image will still remain the same for the human eye.
What is lossless compression?
Lossless compression is a type of compression that is able to reduce file sizes without a loss of information. The original file can be recreated to exactly the same when decompressed. To achieve this, algorithms create reference points for patterns, store them in a table and send the table along with the now smaller encoded file. When decompressed, the file is re-generated by substituting the referenced points with the original information.
When to use lossless compression?
Lossless compression is ideal for documents containing text and numerical data where loss of information can't be tolerated. ZIP compression, for instance, is a Lossless compression that detects patterns and replaces them with only one character (plus an indicator). This relies on the fact that most files contain large amounts of space or repetitive data. As an example, remark that in this text you are reading right now, the word compression appears again and again, each one taking 11 bytes of storage (one for each letter). A compression system remarks this and after the first occurrence, rather than store the actual word, it stores a one byte indicator to indicate it is a repeat word plus a byte to indicate which word it is. The result is that each occurrence of compression now needs 2 bytes and not 11, a saving of 9 bytes and over 80% of space for that word. If repeating that process for the 256 most common words, it can make quite a difference to the size of the file. When decompressing the file, the decompression program finds these codes for repeated words and restores the full words in their place thus restoring the document to its original size and content.
What are the results?
The success of data compression depends largely on the data itself because some data types are inherently more compressible than others. Generally, some elements within the data are more common than others and most compression algorithms exploit this property, known as redundancy. The greater the redundancy within the data, the more successful the compression of the data will be. In this regard, digital video has a high redundancy which makes it very suitable for compression.
A device (software or hardware) that compresses data is often know as an encoder or coder, whereas a device that decompresses data is known as a decoder. A device that acts as both a coder and decoder is known as a codec. A great number of compression techniques have been developed and some lossless techniques can be applied to any type of data. In recent years, development of lossy techniques, specifically for image data, has contributed a great deal to the realisation of digital video applications. Okay, so far for the compression in general, but what about compression on binaries?
Software compression
Like mentioned before, a compressed executable (or DLL) must be self-contained. Hence, it must be a self-extracting archive where compressed data is packaged together with the decompression code into an executable file. This way, there is no seperate program needed to execute a compressed executable file. This decompression code that is added to the compressed data is often called the decompression stub. Running a compressed executable essentially means that the decompression stub unpacks the original executable code before passing control to the recomposed original binary. The effect is the same as if the original executable had been run. To the casual user, compressed and not compressed executables are indistinguishable.
What is packing?
The act of compressing an executable or DLL file is often referred to as packing, a typical name for an executable compressing program then becomes a packer. Most packed executables decompress directly in memory and need no external file system space to start. However, some decompressor stubs are known to write the uncompressed executable to the file system in order to start it.
Why use packers?
Software distributors use executable compression for a variety of reasons, primarily to reduce the storage requirements of software. Executable compressors are specifically designed to compress executable code, that is why they often achieve better compression ratios than standard data compression programs. Software compression allows distributors to stay within the constraints of their chosen distribution media (CD, DVD,...), or to reduce the time and bandwidth customers require to access software distributed via the internet. There exists also another reason for compression: executable compression is also frequently used to deter reverse engineering or to obfuscate the contents of the executable by proprietary methods of compression and/or added encryption. Malware is known to be compressed in many of the cases, to hide their presence from antivirus scanners. Executable compression can be used to prevent direct disassembly, mask string literals and modify signatures. However, executable compression does not eliminate the chance of reverse engineering, it can only slow down the process. In general, compression-only is totally insufficient to circumvent cracking, much more reliable are protectors for that purpose.
Is the compressed executable slower?
A compressed software requires less storage space in the file system, thus taking less time to map its data from the file system into memory. On the other hand, it requires some time to decompress the data before execution begins. However, the speed of various storage media has not kept up with average processor speeds, so the storage is very often the bottleneck. Thus the compressed executable will load faster on most common systems. This is sort of theoretical though as on modern desktop computers, this is rarely noticeable unless the executable is unusually big, so loading speed is not a primary reason in favor of or against compressing an executable. Software compression allows to store more software in the same amount of space, without the hassle of having to manually unpack the archived file every time the user wants to use the software.
And for 64 bit (x64) systems?
Data compression for 32 bit or 64 bit is obviously exactly the same for both systems. Also, the compression for 32 and 64 bit executables results in comparable ratios. In fact, anything that is said in general is also true specifically for the 64 bit software. Though sizes between 32 bit and 64 bit softwares for the original executables differ slightly in favour of the 32 bit system, there is often a better ratio for the 64 bit software compression because there are more of the same patterns in this software (only the same number of bits and bytes exist for both). This makes that it is even more advisable to compress 64 bit software for reasons of reducing space and time in comparison to 32 bit software.
General protectionPosted by lARP64Tech 2009-12-25 18:59:20Due to an ever present security risk for software developers, shareware programmers have no other choice than to protect their programs to secure their income. Estimates on how much money is annually lost from cracking and illegal use of software vary big time. But the point is that money is lost, not just money, it is your (the developer) money that is lost. Hence, you need to take steps to protect your programs from being used illegally. In order to create the best defense, one needs to know the enemie. However, it is a long and difficult way to learn everything about cracking: it takes years to get there. The goal with the lARP64 technology is to do this for you and to create the protection for your (the programmer) revenues. This was the starting point to create lARP64Pro.
lARP64Pro has become a 64 bit anti-piracy and anti-cracking program with implemented compression, based on LZMA technology. It works on any windows x64 operating system. Protecting a program does not affect the original application's functionality nor does it require additional coding, unpacking and decryption are performed automatically. This whole process is not noticed by the protected application. Also, protected programs run without extracting files to disk.
lARP64Pro compresses and protects all native 64 bit applications. Although lARP64Pro is primarily created for developers, it has been a special concern to provide an easy tool in its handling. It suffices to click a couple buttons to protect an executable against piracy and cracking. Still, a movie is available from the website for more visual assistance.
LARP64Pro is created in a way that it will provide secure protection for your own licensing system. The protector defends and hides all sensitive code from crackers or other illegal actions by its multiple protection system based on the in-house developed lARP64 technology. It not only uses the well-known redirection methods of Windows APIs but lARP64Pro pushes these methods another level up. Additionally, a long list of methods have been implemented in a renovating way. Also, developers don't need any source code changes or specific programming knowledge to protect their applications. Hence, you may continue using your own usual registration scheme, in fact, you are even advised to do so.
The before mentioned lARP64 technology is a new and advanced series of techniques, not only to detect and circumvent cracking, but also to hide the detection of every possible cracking attempt. It is a path to ensure that your application is uniquely protected whilst avoiding general cracking attacks. Based on this technique, lARP64Pro uses very annoying obfuscation and code hiding. To understand this better, one needs to know that a cracker breaks someone else's code under debugger and/or disassembler. lARP64Pro makes the code's readability under debugger and/or disassembler, a real pain. After a protection, the resulting assembler code can only be understood by stepping one line at a time. This makes cracking very hard and time consuming, especially since the code transformation is unpredictable.
Functionally unlimited versions of lARP64Pro are available for download. The professional packer-protector has been provided with evaluation capabilities without time limitation. LARP64Tech has also created LARP64Free, a freeware compressor. In case you need to decide if the compressor-only (lARP64Free) or if the combined protector is most appropriate for your specific needs, then you should be aware that lARP64Pro is far better suited if program security is required.
lARP64Pro allows to protect, license and distribute an unlimited number of applications and software at no additional cost. According to the developing team, lARP64Pro intentionally provides 'only a few' options to skip certain protection features so that this always results in the strongest protection. This also emphasizes the company's intention to create tools that are particularly easy to work with. Additionally, the built-in compression reduces the overall size of the protected target till about 30% of the original, which is important in reducing download time over the intranet or internet.
Find more info about 64 bit software protection
General protectionPosted by lARP64Tech 2009-12-25 18:58:04lARP64Pro is fast 64 bit protection software and x64 software compression based on LZMA. The lARP64 technology is specifically designed to be superfast and reliable, meanwhile creating the advanced x64 Windows software protection system. The anti-piracy protector was developed to protect 64 bit software against ingenious cracking attempts.
lARP64Pro is a 64 bit anti-piracy program with implemented compression, based on LZMA technology. This 64 bit protector works on any windows x64 operating system. lARP64'ing does not affect the original application's functionality in any way nor does it require additional coding. Unpacking and decryption are performed automatically whilst this whole process is not noticed by the protected application. Also, protected programs run without extracting files to disk. lARP64Pro compresses and protects all native 64 bit applications. 
Although lARP64Pro is primarily meant for developers, it has been a special concern to provide an extremely easy tool in its handling. It suffices to click a couple buttons to protect an executable against piracy. Still, a movie is available for more visual assistance.
Nowadays, people who are in software development simply need to protect their programs. This protector is so strong that it provides a secure protection for licensing systems. Hence, developers can continue using their own usual registration scheme. lARP64Pro will defend and hide all sensitive code by its multiple protection system based on the in-house developed lARP64 technology.
The built-in compression reduces the overall size of the target with up to 70%. Functionally unlimited versions of lARP64Pro are available for download. The professional packer-protector has been provided with evaluation capabilities without time limitation. In need to decide if the compressor-only (lARP64Free) or the combined protector is most appropriate for the developers specific needs, then it is clear that lARP64Pro is far better suited in all cases where program security is required.
lARP64Pro allows to protect, license and distribute an unlimited number of applications and software protected at no additional cost. lARP64Pro intentionally provides 'only a few' options which always results in the strongest protection which is exactly what developers require.
