View Single Post
Old 07-28-2013, 17:21
sendersu sendersu is offline
Join Date: Oct 2010
Posts: 852
Rept. Given: 324
Rept. Rcvd 216 Times in 110 Posts
Thanks Given: 168
Thanks Rcvd at 354 Times in 201 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
THere is a tradeoff (as usually )

1) either you use pure Sw protection - will be broken/reversed/patched/etc sooner or later
2) you use HW based protection (so called dongle protection) - will be broken/emulated/etc later or more later
both way has pros and cons (as usually)

you see the point...
if you really want to make the time to reverse/break your app long and expensive - look into vm based protectors. I've heard that nowadays some .net protectors use their custom built VM machines to execute the code under VM layer - probably that would be most advanced type of protection. the rest of protectors are just a matter of time/skills to break (just look what de4dot could do....)

2) dongle based protection - will be strong only if you architect to use it as a black box that does smth valuable inside - eg you feed some input data, it executes (!!!) some code inside and produces the answer. I"m not talking about query-response, but a real live user code that does some math/algo, etc
the rest will be dumped/emulated/patched, mate.....

that is my IMHO vision, so probably I'd be wrong in some parts

P.S. there is a 3rd way - the best way to protect is 0 protection . I.E concetrate on the user functionality/features/values instead of putting money/efforts/time into process that will be broken sooner or later.
Reply With Quote