Fellow independent software developer Andy Brice was able to conduct an anonymous interview with a software cracker.
it might help if most authors realised that the person who cracked their software is more likely a bored 16 year old Chinese male than a future terrorist.
What are the commonest mistakes software developers make related to security?
In no particular order:
- Depending on commercial protection schemes for security.
- Directly comparing the license string entered with the correct one.
- Not using some sort of encryption/obfuscation (XOR isn’t *good* encryption).
- Using a single simplistic registration function that is easy to isolate.
- Displaying message boxes with helpful strings sending the cracker straight to the protection code.
- Not integrity checking against patching.
- Not updating the software once a crack is discovered in the wild.
Worth reading, especially if you are - or want to be - an independent software developer.
Software developers are in an eternal battle with software crackers - those who blast through the software license system to distribute "unlocked" copies of your software. For independent software developers this is no abstract topic - our personal income is directly affected by the quality of our software licensing system.