Here''s an idea... now that the net is so widespread, why not put code in your game to detect cracking, and then when someone does this put up a disclaimer that says "You''re using a cracked version, we''re now sending your information to the proper authorities". You could get them to send their info to you ;-)

Of course I guess that would be illegal too :-D

Keith

wouldnt all of this stuff be legal as long as before installation, you put a disclaimer sayin gthat if the user agrees, he is agreeing that if he/she tries to in any way use it illegally, it is OK for the program to report thier info? Just put what ever method you are going to use in the disclaimer as to make it legal... only when they click the i agree button of course.

maybe it is illegal to make such a disclaimer... but just what i think...

tazzel3d ~ dwiel

quote: Original post by Uhfgood
Here''s an idea... now that the net is so widespread, why not put code in your game to detect cracking, and then when someone does this put up a disclaimer that says "You''re using a cracked version, we''re now sending your information to the proper authorities". You could get them to send their info to you ;-)

Of course I guess that would be illegal too :-D

Keith

Not if you specify in the EULA that by installing, they give you the right to upload any and all parts of their registry. Very very very few people do that, but there are a few people who do. Blizzard got nailed for that a while ago when they were trying to figure out why so many people were complaining that their cd-keys didn''t work on Battle.net. They uploaded the registries and didn''t tell people. I don''t remember what happened exactly. I think they were fined a few million. (Someone correct me on that, but I don''t remember for sure.)

In any case, what it boiled down to was that it wasn''t in the EULA. There are some very high end scientific software packages that validate a code against a centralized network database at the company that programmed the software EVERY time it is run. It''s part of the license agreement that you allow them to validate your installation every time you run it. How can they do this? It''s in the EULA.

Of course, these packages cost literally hundreds of thousands of dollars for a single license for a single year. having a central database allows them to revoke any license at any time if they see something fishy. Maybe it comes up from one IP address, and closes. Then 10 minutes later, a different one, and yet another 10 minutes later. They have the ability to ignore validation requests from certain IP addresses and essentially have full control over when you can and cannot run their software.

Having said all that, we''re not dealing with software packages of that magnitude. The sheer cost of implementing such a system are prohibitive for most developers and the added pains of requiring that a customer be logged into the internet when they play the game would be such a turn off to most people that they simply wouldn''t buy it.

My point is though, that if you put in the EULA that any ATTEMPT to hack or crack your software results in X, then I think you can do it. So, I think you can write your fake crack, distribute it to your heart''s content, and then sit back and laugh at the mayhem you create as peoples'' registries are emailed to you on an hourly basis, your tech support lines are flooded with pissed off people because you''re taking their registries without their consent, your website is defaced by an annoyed hacker, and your ISP shuts off your site because he plastered your main page with porn.

hmmm? Sounds tempting huh? While I think that legally you can get away with it, I think that unless you''re very careful to not show a trail of any kind back to yourself, you''re going to have problems with publicity. And those problems with publicity can be much more damaging than a few lost sales due to piracy. If you''re going to do it, then go all out, but you''d better keep your mouth shut and keep it so hush hush that not even your lead programmer knows what you did. All it takes is one person to talk and your public image is ruined. Remember. Three people can keep a secret if two of them are dead.

I know what you''re going to say, and I echo the thought. "Well, if someone''s trying to pirate my software, it''s his own damned fault what happens to him. Who cares what he thinks or does? He was a software pirate trying to rip me off for my hard work!"

And again, I know. I completely understand. But what happens when you put something nasty in your code that you believe will only be activated when you apply your crack? Maybe you decide to format their hard drive. Hmmm. Even worse. Maybe something that''s not so bad. Uploading a file with their registry so you know who they are. That''s not so bad. They''ll never know. But you''d better make sure your code is completely bug free. One errant pointer and poof. You''ve just determined that a legitimate, paying customer is a pirate and you''ll never know the difference. Hard disk errors do happen as well.

In the end, it depends on the stance that you want to take as a software developer against potential pirates. I''m not here to tell you what to do. You can do just about anything you think you can get away with. But you really should look at ALL of the possible repurcussions of your actions, and with the possibility of software traversing the entire planet over the internet, even if you think the chances of something happening are 100 million to 1, it could still happen, and eventually, it probably will.

Looking for an honest video game publisher? Visit www.gamethoughts.com

OFFTOPIC:
Isn''t anyone else scared by what is said here:
http://research.microsoft.com/crypto/openbox.asp

Didn''t Disney propose that? Or some big music corporations like Sony? It is like how they are releasing music CDs that aren''t the actual CD standard format or that crash your Apple computer if you use it. Damn DMCA/RIAA.

Yea, that sounds bad. The reason I say that is that I can see Microsoft making it proprietary hardware and wanting a kickback for every piece of hardware that is sold with that embedded. Not to mention whole new ground for a digital music monopoly.

The thing is, that hardware encryption like that will be a tough pill to swallow. If it is embedded into the hardware, people will get ticked. Look at how the idea of CPU ID''s embedded in the processor was handled by the public. They want anonymity on the internet. And what hardware will you embed it in? You need to be able to play all of your MP3''s that you''ve made and purchased legally.

Sony''s CD copy protection is easily broken. They spent millions on it and it can be defeated by a four year old with an 89 cent sharpie marker. Just scribble out the outer most track on the disk with the marker. That''s where the protection track is. The PC misses it, and you can copy it or do whatever you want.

Any solution is bound to be broken, given time. It''s unfortunate, but it will always happen. You just need to find new ways to do it.

The point with my idea is that A) you let the user know what will happen if they don''t have a valid key B) i''m only proposing crack detecting code, not fake cracks to distribute.

I really don''t have time to go on warez sites to upload cracks, and in fact I wouldn''t want to be caught looking at those sites anyways to make myself look bad.

I also wouldn''t send registry info from my program... Instead i''d rely on stuff like location, and what system the user was on, etc... Maybe finding a way to find the cracker''s ip address... but even like you said, it is a lot of work

;-)

Keith

Uhfgood, what you COULD do, is specify in the EULA that if you detect a crack, you are going to upload their IP address to your systems and ban them from your website. Place a database on your website that accepts these IP addresses, and if you ever get a request from that IP address, redirect them to a page that says they''ve been banned for piracy of your software. If they actually care, give them an email address they can straighten it out with. That way, you''re protecting your future software as well. It doesn''t work too well though for people on connections whose IP addresses change all the time. Perhaps you could do it via MAC address, but I can''t think of any way to get that via a web browser connection.

The thing is, if someone is going to pirate your software, they''re not going to pay for it unless they are truly going to benefit by doing so. Most people are honest enough that they will pay unless you hold the serial key under their nose. Anytime you update your software with a patch, you can update the list of keys that you know have been compromised. Anyone attempting to use that key will be banned.

It''s just an idea.

I think it is a good idea to have the software regularly "download fixes/patches" for the user to improve the stability of the program or w/e and put in known serial problems in there... that way crackers have something new to crack everytime you realease a fix... problem with this is that the crackers will just remove the autoupdate function from your proggy and that will be the end of the solution... huh.. just some more to think about!

tazzel3d ~ dwiel