How to protect your software
Piracy is considered to be a critical problem for the software industry of today. Technical easiness with which unauthorized copying can be performed made its spread epidemic, even though piracy is against the law in most countries. Law enforcement proved to be unable to completely stop software piracy or even halt its growth. In this situation, what are the common methods that software businesses use for protecting their intellectual property?
A very widespread option is the use of registration keys. A registration key is a sequence of letters and digits that is distributed with the software package. It is typically entered by the user during the installation. The program then refuses to run if the registration key does not pass the validity check. Attacks on this scheme include key generators and modification of the program binary to remove the need for a key.
Another approach is online product activation. Again, a product key is utilised, but now the program connects to a central server to verify that a single key is not being used for multiple installations. As before, the program binary can be modified by an attacker to remove the key check.
An interesting class of techniques involves some degree of hardware support. For example, a piece of hardware containing an electronic serial number can be distributed with each copy. For the program to work, this piece of hardware (called a dongle) must be plugged in. The key can then be used to decrypt a critical part of the program; alternatively, key parts of the software may be stored and executed on the dongle itself. Hardware copy protection is usually reserved for very expensive high-end software packages.
All of the above methods have a fatal deficiency, however: it is possible to circumvent them (sometimes even easy). Therefore, it is important to protect code not only against copying, but also against reverse engineering. Morpher provides that protection via obfuscation - a transformation that makes the program more difficult to modify and understand than the original code. A prominent feature of Morpher is integration with the source language compiler which allows the use of the most advanced algorithms in the field. Reverse engineering can't be made impossible, but that is not what is usually really needed. All that matters is slowing down the attackers enough, so that by the time the pirated version is out, it is already obsolete.