Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / What's this about?

Author
Message
Torrey
20
Years of Service
User Offline
Joined: 20th Aug 2004
Location: New Jersey
Posted: 24th Sep 2004 14:04
Link
I saw this inside Lee Bamber's Dev Diary:

Quote: "Was going to tackle DLL protection stuff for U5.7 but it is getting very late."


Anyone have the story behind it, or know what it's about?
Back to top
Profile PM Email
IanM
Retired Moderator
22
Years of Service
User Offline
Joined: 11th Sep 2002
Location: In my moon base
Posted: 24th Sep 2004 16:36
Link
Yes, but I'm not going to tell

*** Coming soon - Network Plug-in - Check my site for info ***
For free Plug-ins, source and the Interface library for Visual C++ 6, .NET and now for Dev-C++ http://www.matrix1.demon.co.uk
Back to top
Profile PM Email Website
Torrey
20
Years of Service
User Offline
Joined: 20th Aug 2004
Location: New Jersey
Posted: 24th Sep 2004 16:44
Link
In my mind it sounds like Lee's going to add protection against the program just completely dying out when a call to a dll has failed. I should email him about how to do it with ease, if that's really what he's working on.
Back to top
Profile PM Email
IanM
Retired Moderator
22
Years of Service
User Offline
Joined: 11th Sep 2002
Location: In my moon base
Posted: 24th Sep 2004 16:47
Link
It's not.

Anyway, he's more than capable of doing that kind of check himself.

*** Coming soon - Network Plug-in - Check my site for info ***
For free Plug-ins, source and the Interface library for Visual C++ 6, .NET and now for Dev-C++ http://www.matrix1.demon.co.uk
Back to top
Profile PM Email Website
Torrey
20
Years of Service
User Offline
Joined: 20th Aug 2004
Location: New Jersey
Posted: 24th Sep 2004 16:53
Link
Then that leaves one more thing it can be.
Back to top
Profile PM Email
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 24th Sep 2004 17:24
Link
I think it's more to do with people being able to snag the DLL's from an EXE very easily, more security for DLL's means an easier way to create commercial plugins without the fear that someone can steal it without paying. I'm pretty sure most people know how to get the DLL's from a DBP Exe so hopefully this will solve that problem.


"Computers are useless they can only give you answers."
Back to top
Profile PM Email
Torrey
20
Years of Service
User Offline
Joined: 20th Aug 2004
Location: New Jersey
Posted: 24th Sep 2004 21:35 Edited at: 24th Sep 2004 21:38
Link
That's a tough topic to solve. TGCs can't really do a thing about it with their compiler. At some point in the execution process it will have to drop those files to the hard drive, which can make them vulnerable for snagging. It's necessary for the Windows PE loader.

Here's an idea, but it would lay in the hands of the plugin creators too. The plugin dll after compiled contains a certain value inside it's data section that will keep it from being used till activated (this activation routine would have to be added to the dll main itself). The activation program maps the dll file to memory searches for that raw value and changes it to the machines unique id number. This activation would give the person that purchased the dll exlclusive rights to create programs and games with it. The DBP compiler could verify the machine id with the one in the dll. If it's not a match, then a compile error message will pop up on the screen.

If you feel confused by what I said, ask questions.
Back to top
Profile PM Email
Torrey
20
Years of Service
User Offline
Joined: 20th Aug 2004
Location: New Jersey
Posted: 24th Sep 2004 22:22
Link
Actually a better spot would be the DOS headers since they aren't used often anymore, and it's more of a static location to search.
Back to top
Profile PM Email
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 24th Sep 2004 23:18
Link
I think a wiser path would be to prevent people calling a DLL from within the DBP unless it had been activated, not disimilar to the method they currently use for their own plugins. Then again, there are many, many ways around that.


"Computers are useless they can only give you answers."
Back to top
Profile PM Email
Torrey
20
Years of Service
User Offline
Joined: 20th Aug 2004
Location: New Jersey
Posted: 25th Sep 2004 07:50
Link
That's pretty much the same thing I just said, only difference is I added a protective measure.
Back to top
Profile PM Email
Shadow Robert
21
Years of Service
User Offline
Joined: 22nd Sep 2002
Location: Hertfordshire, England
Posted: 25th Sep 2004 08:04
Link
Protection is over-rated.
Put simply, those who wish to steal your stuff WILL

there is no way around it, all that protection does is stop the casual theives.
this said there are smarter ways to make sure that people don't use your stuff if they haven't legally purchased it.

really i have a feeling a microsoft approach is more than likely to be used... create something that works right now, then patch it for security defects appear later.
as opposed to sitting down and designing a locked down protection to start with.


Back to top
Profile PM Email Website
Torrey
20
Years of Service
User Offline
Joined: 20th Aug 2004
Location: New Jersey
Posted: 25th Sep 2004 10:02
Link
That is true, but honestly you can't develop much with the current technology in the form of protection. No matter what is made it can be defeated with ease, but it'll keep the majority out. WOLF's ezrotate time expiring demo is an example of this. His date checking routine was right in the dllmain. Things that simple are just overwritten with byte 0x90 (nop) to bypass. This bypassing by overwriting is highly possible, but there are several programming tricks in addition to just that dll having the protection id, it needs some help by the compiler too, to do some checking. It can and will be effective for sure.
Back to top
Profile PM Email
Pinball Wizard
19
Years of Service
User Offline
Joined: 25th Sep 2004
Location:
Posted: 25th Sep 2004 10:30
Link
Well, I'm just excited about FPSC.
Back to top
Profile PM
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 25th Sep 2004 13:23
Link
Quote: "That's pretty much the same thing I just said, only difference is I added a protective measure. "


Lol yeah, it is, sorry, I must've been daydreaming off when I read that because I thought you were talking about something else entirely.


"Computers are useless they can only give you answers."
Back to top
Profile PM Email
Back to top

Login to post a reply

Server time is: 2024-09-22 16:19:08
Your offset time is: 2024-09-22 16:19:08