Andy Brice’s Interview with a Cracker

Fellow independent software developer Andy Brice was able to conduct an anonymous interview with a software cracker.

it might help if most authors realised that the person who cracked their software is more likely a bored 16-year-old Chinese male than a future terrorist.

and

What are the commonest mistakes software developers make related to security?

In no particular order:

  1. Depending on commercial protection schemes for security.
  2. Directly comparing the license string entered with the correct one.
  3. Not using some sort of encryption/obfuscation (XOR isn’t *good* encryption).
  4. Using a single simplistic registration function that is easy to isolate.
  5. Displaying message boxes with helpful strings sending the cracker straight to the protection code.
  6. Not integrity checking against patching.
  7. Not updating the software once a crack is discovered in the wild.
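
Mistake 2 from the list above, next to one alternative that never holds the correct key in memory. This is an added example, not code from the interview or from Andy Brice. All function names, the `license-v1:` prefix and the key pair are constructed for illustration. The unpadded RSA over two publicly known Mersenne primes only keeps the block dependency-free; a shipped product would assume a vetted signature library instead.

```python
import hashlib

# Constructed demo key pair from two publicly known Mersenne primes.
# Trivially factorable: it stands in for a real key generated by a vetted library.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public half: all the shipped app contains
D = pow(E, -1, (P - 1) * (Q - 1))      # private half: stays on the vendor's server


def _digest(name: str) -> int:
    """Hash the licensee name (with a constructed domain prefix) to an integer < N."""
    h = hashlib.sha512(b"license-v1:" + name.encode("utf-8")).digest()
    return int.from_bytes(h, "big")


def weak_check(name: str, entered: str) -> bool:
    """Mistake 2: the app derives the correct key itself and compares directly.

    The expected value sits in memory at the comparison, and the derivation
    ships inside the binary.
    """
    expected = hashlib.md5(name.encode("utf-8")).hexdigest()[:16]
    return entered == expected


def issue_license(name: str) -> str:
    """Vendor side only: sign the licensee name with the private exponent."""
    return format(pow(_digest(name), D, N), "x")


def verify_license(name: str, license_hex: str) -> bool:
    """App side: needs only (N, E), so there is no correct string to compare against."""
    try:
        sig = int(license_hex, 16)
    except ValueError:
        return False                   # malformed input is simply rejected
    if not 0 < sig < N:
        return False
    return pow(sig, E, N) == _digest(name)


if __name__ == "__main__":
    lic = issue_license("Alice Example")               # constructed licensee
    print(verify_license("Alice Example", lic))        # True
    print(verify_license("Bob Example", lic))          # False
```

Signature verification addresses only item 2; the check itself can still be patched out, which is what items 4 and 6 in the list are about.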

Worth reading, especially if you are – or want to be – an independent software developer.

Software developers are in an eternal battle with software crackers – those who blast through the software license system to distribute “unlocked” copies of your software. For independent software developers this is no abstract topic – our personal income is directly affected by the quality of our software licensing system.