How software publishers can squash piracy

Finally a solution to entering A7HP1 D731B XU30V AL02B1 93NS9 ZS82M B290DK...
Finally a solution to entering A7HP1 D731B XU30V AL02B1 93NS9 ZS82M B290DK...
 

It never ceases to amaze me how no sooner do I rip the cello wrap from my latest box of brand new software that I've shelled out hundreds if not thousands of dollars for, that I realize that there is already a cracked version complete with keygen that I could have illegally downloaded in a matter of minutes and at no charge at all (unless you consider criminal charges).

The basic flaw with the vast majority of software authentications is that they call for the entry of a "secret" long code in order to activate the program. This long code is usually the result of a complex calculation which takes the serial number and subjects it to all sorts of hexanumerical scrambling. Hackers can crack these calculations in nanoseconds, and then incorporate them into keygens which will fool your application into thinking that it has been duly validated and is an official copy.

Even Adobe who supposedly has an impenetrable online validation system features an easy workaround. Just choose to validate not on the internet but by telephone. You will now be presented with a screen that any keygen will make short work of. So much for rock-solid validation!

There are other, more secure options, but they are almost universally so burdensome to the user that they represent an insufferable imposition. Anyone who has had to validate their copy of Windows by calling Microsoft's toll free number and going through the process of reading out endless codes to the bored-sounding operator and then typing in an even more endless code of junk into the Windows Activation boxes will testify that although steps should be taken to ensure that only full paying customers have access to software, this level of gobbledigook is patently ridiculous.

The answer is to make a very minor change to how the hexanumerical scrambling is done. All that needs to be implemented is that the serial number to validation code calculation be done on secure servers belonging to the software publisher. Each serial number would have a lookup database of a single random set of characters. The calculation is then completed by factoring in this random sequence and generating an authorization code which is not only unique to that serial number, but uncrackable by any keygen. This system would also avoid registering many different users with the same serial number as each calculation would only be allowed once.

Therefore, when the new legitimate software owner wants to activate his software, all he has to do is to hit a button which allows the software to connect to the publisher's servers, communicate its serial number, have the server calculate the proper authorization code and unlock the software. This could be done in a couple of seconds without any need for users to key in A7HP1 D731B XU30V AL02B1 93NS9 ZS82M B290DK... until his fingers fall off.

The reason why software publishers may not have wanted to embrace this concept is because they want to allow the purchasers of their software who are not connected to the internet to be able to validate their registrations, but in this day and age, how many purchasers of expensive software applications are there who also don't have at the very least dialup access to the web? This solution can ensure that only customers who have legitimately paid for their software can activate it, and put the Trojan-Horse riddled keygens and their hacker creators out of business.

 

Check out hundreds of Hal's PC Technology articles in these categories:

More by this Author


Comments 2 comments

Lattyware 8 years ago

Yeah, Genius, I'm sure.

And how do you stop the pirates from getting the signal that it sends from the server that verifies the key to the software, and faking that?

Nice idea. Shame you didn't think it through.


Andr3az 8 years ago

"The answer is to make a very minor change to how the hexanumerical scrambling is done. All that needs to be implemented is that the serial number to validation code calculation be done on secure servers belonging to the software publisher. Each serial number would have a lookup database of a single random set of characters. The calculation is then completed by factoring in this random sequence and generating an authorization code which is not only unique to that serial number, but uncrackable by any keygen. This system would also avoid registering many different users with the same serial number as each calculation would only be allowed once."

What you just described is basically used in Steam ( go check in google ). It is almost keygen free, but people have bypassed it and now you can get nonsteam games from some torrent or something.

    Sign in or sign up and post using a HubPages Network account.

    0 of 8192 characters used
    Post Comment

    No HTML is allowed in comments, but URLs will be hyperlinked. Comments are not for promoting your articles or other sites.


    Click to Rate This Article
    working