Best software protector: Themida or Enigma Protector?
 

Hi guys. I know this is a kinda odd question, but I'm trying to decide between Themida and Enigma Protector as the software solution to protect a program.

I'll be using my own registration engine so I will only use Themida/Enigma Protector to protect the exe from decompiling/analysis.

Which solution do you guys think is more secure, Themida or Enigma Protector?

Thanks!

don't worry, it will be inlined then, use encrypted code parts Luke

Both have been fully defeated. I'd go for good customer care. :) Beats any protection.
Personally I've got not much experience with enigma, though did not find it particularly impressive when I unpacked it once or twice.

Themida on the other hand I've unpacked many times. Good protector, but not what it used to be nowadays.

I think both have the same probability of being cracked. Depends a bit on the cracker I suppose.

Thanks for your reply.

Do you have any suggestion for a protector you feel is better than any of these two I mentioned? I also have TTProtect, VMProtect, NoobyProtect and Code Virtualizer (although this last one will only obfuscate with a virtual machine the areas I select) on my list. Do you have any comments to make about any of these programs?

Well, don't know about Enigma nor VMProtect, but Themida or WinLicense has been fully defeated. About Code Virtualizer, I made a CodeUnvirtualizer to fully convert Virtual Opcodes to Assembler Language ;). The same with CISC machines in Themida and WinLicense, about RISC part, until know didn't see any public tool that can dothis job.

Hmmm as deathway also noted themida has not been impossible for quite some time.

VMprotect has no public devirtulaizer, but they exist. Obfuscation is also pretty lame there. It's antidebug I'd say is best of all these, however with the correct plugins you don't have to do anything to bypass.. And sunbeam documented this pretty well.

Noobyprotect is not often used and has some compatibility issues I noticed, at least in the crackme's released. Perhaps they're fixed by now. No experience with TTprotect, rarely used as far as I know.

Well the point is actually all have been defeated, though most are actually pretty good. Themida/enigma and VMprotect are the more commonly used ones, but they all have been defeated. There's simply no flawless protector out there. The above protectors will stop all newbies anyway so in that regard you're already good.

Well, we got Themida/WL/CV defeated, VMProtect unpacking is doable as well (proven by LCF-AT and Nooby) and NoobyProtect seems to have some teething troubles.

TTProtect hasn't updated for ages if I'm not mistaken and does not run on my Windows 7 box. Might be some kernel32 retrieval issue?

Protection coders used to offer customized versions, not sure about them still doing it. There are custom Armadillo versions but it's defeated as well.

I'd go for a customized VM protector (insisting on the customization of the VM; if you got the budget and it's worth it) plus some own protection tricks which will keep off newbies using scripts/step-by-step tutorials as quo already mentioned.

Coders trust so much protectors that they feel secure just by enabling some/all features which the protector offers.
Most of them doesnt even care about using code markers in their source thus making unpacking very easy and cut off 50% of protector power.

All the protectors you listed are quiete good but depends on the way you implement them.

My advice: develop your own registration procedure, add some asm tricks to your app and pack it using code crypters.

Remember this release: VB.Decompiler.Pro.7.7.RETAIL.INCL_KEYGEN-FFF.rar. VB Decompiler uses Themida's registration scheme. So, it can be breaked too :)

It is most useful and correct advice to my mind. Many people buy a protector, simply choose input and output files and click protect button. After some time they become amazed to find a cracked executable of own software. Probably the most unpacked programs are not a weakness of protection systems but the lazy of software developers.

Simply spend a whole day for protection implementing and you will get good results.

Disagree regarding this... If you are not well in cryptography then you could make many errors applying own registration, that could be bypassed and keygened. Registration routines of protectors are much stronger and do not have mistakes (not sure about all protectors of course :) )

Regarding asm tricks - also disagree, some tricks could work on 50% machines, but for another 50% you will get a crash. It is really better to use protectors that had been dozen times tested on dozen machines..

it think the best of protectors is that you develop it , because for many protectors we have so many tools that make it easy to unpack for newbie users.

And remember, Themida is having a lot of false positives with antivirus.

enigma? a joke jaja

imho best way to protect your software is:
1. to not alow crackers to read authentification algorithms - simply put them on some web server, and athenticate through some php script.. the algorithm can be simple as you want..
2. encrypt and decrypt exe critical code parts on the fly using the key that can be checked only on the web..