For The Paranoid: Extra Defenses Against Unpackers and Strippers
对妄想狂者:额外的防卫对抗解包和脱壳
If we gave specific defenses, crackers would be able to look for them as well, so we will just give guidelines, hints, and suggestions here. None of these defenses will stop a determined attacker, but anything that slows him or her down will help your program, and will discourage many into giving up completely. Note that these defenses are only necessary if you believe that your program will be stripped out of the protective SoftwarePassport/Armadillo shell; as long as SoftwarePassport/Armadillo is protecting your program, none of them are required.
如果我们给出一个特殊的防护,破解者也将会找他们,因此这里我们将只是给出指引,提示,和建议。这些防卫不能停止一个决定了的攻击,但是任何使他减慢的事情将有助于你的程序,并将阻碍很多人直到完全放弃。注意,这些防卫只是必须的,如果你相信你的程序将被脱壳;只要SoftwarePassport/Armadillo在保护你的程序,它们没有是必需的。
First and foremost: Get a custom build! We cannot over-stress the importance of this. A custom build of SoftwarePassport/Armadillo is automatically immune to automated attack programs; all programs protected by a custom build must be cracked manually, which means only the most skillful crackers can do it. A custom build also provides extra protection features, such as the Nanomites. Since most would-be crackers simply use the tools provided by more skilled ones, this will stop almost all of them cold.
第一和最重要的:获得一个定制结构!我们不能过分强调这个的重要性。一个SoftwarePassport/Armadillo的定制结构对自动攻击程序是自动免疫的,所有被一个定制结构保护的程序必须被手工破解,这意味着只有最数量的破解者才能做到。一个定制结构也提供了额外的保护功能,例如Nanomites.因为多数可能的破解者只是使用由更多熟练的人提供的工具,这将不留情的阻止几乎所有这些人。
Be subtle! Do something that won't be detected quickly!
狡猾点!做一些不能被快速探测的东西!
If a cracker can see a problem, such as a crash, he or she can alter the code to change or avoid it. Since most cracked programs are released as soon as possible after being cracked, a delay of a few days or a week or more before causing problems with the cracked version will cause no end of headaches for the cracker.
如果破解者能看到一个问题,例如一个crash,他能改变代码来改造或者避免他。因为多数被破解程序在破解后被尽可能快地发布,破解版本在导致问题前有一个几天或者一周或者更长的延迟将导致破解这无尽的头痛。
Some crackers are now testing their cracked programs at various future dates as well, to detect this kind of thing. To deal with that, it's best to delay the crash by ten minutes or more, and don't have it happen every time -- maybe only randomly, once out of every five or more runs, or only when run during normal working hours or in the evening, whenever your program is likely to be used.
一些破解者现在也测试他们破解的程序在不同的未来日期,来探测这种事情。要处理这种情况,最好延迟crash 10 分钟或更多,不要让他每次都发生―或许只是随机的,一旦超过每5次或更多次运行,或者只是当在通常工作时间或者在晚上运行时,那个时候你的程序可能被使用。
Encrypt the string names that you're checking for
加密你要检查的字符串名
Use some form of encryption (a simple XOR will do for most cases) to hide the names of environment variables and other text strings from anyone looking at the raw program.
使用一些加密表格(大多数情况下XOR就可以)来隐藏环境变量和其他文本串防止任何人察看源程序。
Don't be too efficient! Check it separately every time!
别省劲!每次单独检查他。
If you do all your checking in one function, then it's possible for a cracker to find that function and modify it. If you check things (such as if the program is still protected, or what certificate it's running under) separately in multiple places, then the cracker has to track down each and every instance of the checking code.
如果你在一个函数里做所有的检查,那么对一个破解者找到那个函数并编辑他是可能的。如果你检查things(例如是否程序仍然被保护,或者他运行在什么证书下)分别在多个地方,那么破解者不得不跟踪checking代码的所有每个实例。
Check for different strings
勾选不同的字符串
Don't put all your proverbial eggs in one basket. Use SoftwarePassport/Armadillo's "extra strings" feature to store several unique strings in each certificate, and check for a different one in each place you check for them.
不要把所有的鸡蛋放在一个篮子里。使用SoftwarePassport/Armadillo的"extra strings"功能来出错几个独特的字符串在每个证书,并勾选他们在每个地方勾选不同的。
Load the GetEnvironmentVariable function dynamically, and hide the name of the function and the DLL
动态加载GetEnvironmentVariable函数,隐藏函数和DLL的名字。
Consider loading the GetEnvironmentVariable dynamically every once in a while, instead of using the statically-linked version, and use a simple form of encryption to hide the name of the function and the DLL you're loading it from.
考虑偶尔动态加载GetEnvironmentVariable,而不是使用静态链接版本,并使用一个简单的加密表格来隐藏你从他加载的函数和DLL的名字。
Contact us for other ways to detect this
联系我们了解探测这个的其他方法。
There are a few other very simple and efficient ways to determine whether the protection has been removed from your programs, and to add other defenses. For security reasons, we will only pass them on to people who have already purchased SoftwarePassport/Armadillo.
有几种非常简单和有效的方法来测定你的程序的保护是否被除去,并增加其他防护。因为安全的原因,我们将提供这些方法给已经购买了SoftwarePassport/Armadillo的人.
以下内容略。
Troubleshooting Tips 故障提示
Getting Paid (or, Using SoftwarePassport/Armadillo's Features Responsibly) 购买
Revision History 版本历史
Bugs and Limitations 缺陷和限制
最初由 mjahuolong 发布 How can I defend my program from crackers? 如果防止我的程序被破解? SoftwarePassport/Armadillo is good, but it's not perfect. It works best when both you and your program cooperate in the defenses. We have a complete description of the various attacks and how you can defend against them here. SoftwarePassport/Armadillo保护是好的但是不是完美的。当你和你的程序在保护上协作时工作最好。我们有一个完整的描述关于各种攻击和你如何对抗他们。
