In article <024501c73a80$c8a9e1f0$6600a8c0 at BILLING>,
"Jay West" <jwest at classiccmp.org> writes:
Richard wrote...
As with most things, the amount of work done to
protect an application
is directly in response to the perceived threat.
Nah, I think it was more along
the lines of how good a particular programmer
or group of programmers a software manufacturer happened to have on staff. I
don't think most companies actually spent time analyzing the threat and
keeping their response equally measured. That's why a lot of companies
eventually contracted with other companies who specialized in copy
protection (everlok, etc.).
As always, I chose my words carefully :-). I said "perceived" threat,
not measured or analyzed threat level. Yeah, you get harder to
decruft stuff from a good programmer, but even a bad programmer can
make your life hell by inserting tons of checkForValidLicense() calls
sprinkled throughout the code. Companies worried about this stuff,
particularly games companies in the early days, but they didn't spend
their entire development budget on it. There's a point where they all
said "that's good enough". How much they decided they needed is
proportionate to their perception of the threat. If they don't feel
threatened by copying, then they don't bother. If they feel mildly
threatened they take mild measures. If they feel absolutely paranoid
about it, they take extreme measures. I'm simply saying that like
most things in life, most people won't feel the need to take extreme
measures.
> [simply NOP out the check or jump over the check]
Oh no... definitely not. Sure, there was definitely
some code that was a
simple no-op. But I wouldn't say that was the majority of applications. Even
very very old applications got much more crafty than that.
Well, you have that weird situation in the "old days" where
programmers were cheap and machines were expensive, so yeah in that
environment I can see people putting more resources into the copy
prevention.
[...] so at least in my experience, there
were definitely some "no-op the branch" and you're done, but that was a far
minority of programs.
I have no experience in these matters, merely suspicions :-).
--
"The Direct3D Graphics Pipeline" -- DirectX 9 draft available for download
<http://www.xmission.com/~legalize/book/download/index.html>
Legalize Adulthood! <http://blogs.xmission.com/legalize/>