Are we seeing the decline of the plug-in industry?

[Tricky-Loops]

@Urs: I think that you are posting too much info about your copy protection methods in a public forum. While it is very generous for you to share techniques privately with other developers, I don't see the benefit of posting it here.

I think Urs is intelligent enough not to post informations that could be applied by crackers... That's the main secret of his success: intelligence...

[schnapsglas]

@Urs: I think that you are posting too much info about your copy protection methods in a public forum. While it is very generous for you to share techniques privately with other developers, I don't see the benefit of posting it here.

I think Urs is intelligent enough not to post informations that could be applied by crackers... That's the main secret of his success: intelligence...

We got quite technical few pages back, but I really think Urs's plugins will be safe.

[Urs]

@Urs: I think that you are posting too much info about your copy protection methods in a public forum. While it is very generous for you to share techniques privately with other developers, I don't see the benefit of posting it here.

The benefit is, in the course of this thread I've told two more developers how to improve their protection with little effort.

I've been talking about this stuff openly ever since the "Fight The Keygens" thread. Until then, a few cracker teams had dominated the audio scene since its early beginnings. After that, more and more cracker teams have become just short lived phenomena. They work a year or two, then give up. Simply because more than 100 audio software developers have shared their knowledge and ideas.

When is the last time we've seen a working keygen? They're extinct in the audio software scene.

The existance of cracks is a whole different matter. There's a whole different strategy involved, and we're happy to share ways to turn it into benefits.

[t3toooo]

In cryptography

Main article: Brute-force attack
In cryptography, a brute-force attack involves systematically checking all possible keys until the correct key is found. This strategy can in theory be used against any encrypted data[1] by an attacker who is unable to take advantage of any weakness in an encryption system that would otherwise make his task easier.
The key length used in the encryption determines the practical feasibility of performing a brute force attack, with longer keys exponentially more difficult to crack than shorter ones. Brute force attacks can be made less effective by obfuscating the data to be encoded, something that makes it more difficult for an attacker to recognise when he has cracked the code. One of the measures of the strength of an encryption system is how long it would theoretically take an attacker to mount a successful brute force attack against it.

and for that you need very powerful computers.


http://en.wikipedia.org/wiki/Brute-force_search

[ontrackp]

I think the industry is just maturing. It happened to hardware synths -- back in the early 80's to be an active pro in music production you had to buy a new synth every year -- after about 10 years we all had racks full of gear -- DX7, Prophet V, Xpander, K2000, M1, D50, the list goes on and on. But then it stopped. Suddenly the new synths were not so different. For me it was around the time the Korg Triton came out. The technology had matured and while there have been incremental improvements, and a huge change in computer software (anyone remember MidiPaint or Studio Vision?) it was no longer necessary to buy new synths every year just to stay in business.

Even though I'm new to using software synths (I just got Zebra2 a couple of months ago) in my research I see a lot of comparable products. Sure there are differences, but at only $200 a pop it's not hard to have a rack of several synths that give you more soundmaking capability than anyone could every use.

I think it's really up to the developers to come up with new features that will meet customer needs to keep the industry alive. It will also grow and mature as the developers make breakthroughs that become "must have's". It's the inevitable cycle of technological development -- you have exponential increases for a certain amount of time, and then it plateau's. What used to be something new and exciting is now just a commodity. Developers have to keep prices at a level that they can stay in business and make some money. I never begrudge a company who makes a great product their fee.

Stealing software is just like stealing music -- it's out and out thievery and I believe the people who steal software should be prosecuted to the full extent of the law. I encourage developers to try to figure out a way for illegal software to literally melt processors.

[Urs]

@Urs: I think that you are posting too much info about your copy protection methods in a public forum. While it is very generous for you to share techniques privately with other developers, I don't see the benefit of posting it here.

I think Urs is intelligent enough not to post informations that could be applied by crackers... That's the main secret of his success: intelligence...

We got quite technical few pages back, but I really think Urs's plugins will be safe.

Yes. The point is, the more developers jump on the "too tedious to crack" bandwaggon, the more time needs to be spent on cracking and the more time is bought until anything gets eventually cracked.

And if something doesn't get cracked properly, i.e. a time bomb goes off in a project that the freeloader has invested hundreds of hours in, then he buys. This is what we do. We turn piracy users into legit customers.

[MaxSynths]

I've used a dongle since 1993 (a black metal thing for my copy of Steinberg Pro24 on the Amiga500)...

LOL I know what you are talking about (got something like that in my A600 joystick port... can't remember the name of the sound editor software though).

[Frantz]

The benefit is, in the course of this thread I've told two more developers how to improve their protection with little effort.

Are you learning anything from other devs or are you just teaching them? If it is the later, you could tell devs to contact you privately for copy protection hints. Or perhaps there could be a restricted KVR dev forum for these discussions.

It seems like you haven't given away answers to crackers in this thread but you might have saved them weeks of effort with your hints.

When is the last time we've seen a working keygen? They're extinct in the audio software scene.

I don't know anything about it. I'll take your word for it.

[Urs]

how long it would theoretically take an attacker to mount a successful brute force attack against it.

There's the point. One can do a couple of million RSAs whatsoever in a second. But if the outcome isn't tested right after the decryption e.g. it's tested a second or two thereafter, a brute force attack needs a magnitude of years to succeed.

[Urs]

It seems like you haven't given away answers to crackers in this thread but you might have saved them weeks of effort with your hints.

Nah, I haven't given away anything they haven't read in their proud nfos (those are information files accompanying cracks, wherethey brag about finding the copy protection). They've known about time bombs, but they have no idea where and how they're triggered.

I'm sure if I posted what we do, they would learn only one thing: To stay away from cracking. The fame is short lived, because a few posts down on the torrent site will be someone who ran into yet another time bomb.

Yet, well, we're not the only ones using those methods, and I know some devs who wouldn't be comfortable with posting details.

[Urs]

Another important point to combat the myth of the genius cracker is of course to comfort the legal customers. It's not only frustrating for developers when stuff is cracked, it's also frustrating for people who have saved their pennies to afford the software legally.

I think there was a thread just recently where someone was upset about piracy from the perspective of the legal customer.

Our strategy involves "make the crackers/freeloaders believe they succeeded and then turn the pro users of piracy into legit customers". Hence in a way we may seem to contribute to this kind of frustration. By being open about it, we're preparing piracy users to be turned, and we're giving legit users the comfort of knowing that the frustration is all on the side of the crackers and piracy users.

[Frantz]

Nah, I haven't given away anything they haven't read in their proud nfos (those are information files accompanying cracks, wherethey brag about finding the copy protection).

I didn't realize this. Thanks for explaining.

[tapper mike]

As a support technician in the software field (not audio) I've clocked well over 200,000 support calls (I may break 300,000 by years end) We've got a fairly solid protection system in place. A very large number of support calls I deal with is with frustrated illegal downloaders. We can tell when someone is trying to use an illegal version. I just suggest to them that if the illegal version doesn't work then it's time to buy the legal one. Some get madder, some just go away and some actually buy the product.

I'm unaffected by the threats and move along. I treat it like this. I'm getting paid to answer support calls. If someone is mad because the crack isn't working they are mad at the wrong person/place. I'm still making money and they get nothing until they purchase the product. If they come back even madder I simply tell them to get mad at the folks who made a fool of them by linking to something they know doesn't work.

[Delfinoverde]

Our strategy involves "make the crackers/freeloaders believe they succeeded and then turn the pro users of piracy into legit customers". Hence in a way we may seem to contribute to this kind of frustration. By being open about it, we're preparing piracy users to be turned, and we're giving legit users the comfort of knowing that the frustration is all on the side of the crackers and piracy users.

That 'sounds' intelligent! I think you're doing right.
If i was a software developer seeing my (hard) work cracked/reversed and then spread in 500'000 links or more all over the www i'd probably adopt a similar Philosophy. Yet there's still a secret law about it: The more resistance you put into perceiving obstacles or enemies - the more you attract them.

[pdxindy]

Really smart people don't crack. They COULD, but they don't. Because it's not efficient. They work with things that actually teach us something.

Cracking is just plagiarizing someone else's work. Really smart people want to create something of their own.