| NEWS | | |  | | FORUMS | | | | | | FREEWARE | | | | | | ABOUT US | | | | | | 
09-13-2003, 04:58 PM
|
#1 | | Junior Member
Join Date: Jul 2002 Location: London, UK
Posts: 20
 |  Handango 'cracked'?
I just heard about the following article ( click here) about there being the vulnerability in Handango's setup to access salable software without making a purchase. Very worrying for developers - me included - anyone know anything more about this? I'm going to write to Handango to try to find out more. | 
|  | |
09-17-2003, 08:53 AM
|
#2 | | Guest | While this is bad it appears that Handango has a patch in test that will fix this problem. They plan to go live with the patch by the 18th of this month. The lesson to be learned here in general is that you should always use reg codes for commercial software. | |
| | |
09-17-2003, 01:40 PM
|
#3 | | NEW! Alienware Area-51m..
Join Date: May 2003 Location: UK
Posts: 212
| Quote: Originally posted by ayasin
While this is bad it appears that Handango has a patch in test that will fix this problem. They plan to go live with the patch by the 18th of this month. The lesson to be learned here in general is that you should always use reg codes for commercial software. |
Why? It is so easy to crack reg codes, just search the web for 'palm warez' and see how many hits you get!
A few groups of crackers have programs out which just 'patch' the palm apps to make them registered. One of them was used to 'patch' the SEGA GameGear Emulator to work on Sony devices a while back, and to swap the ROMS out etc.
__________________
PC: AMD Athlon XP 'Mobile' 2500+ @ 3200+, DFI Ultra Infinity NFII, GeIL Golden Dragon (2x256mb) Dual Channel, ATi Radeon 9800 Pro, 36GB WD Raptor, 80GB Seagate Barracuda, Sony DVD+RW 8x, 17" LG TFT, Chenbro Gaming Bomb Silver
PDA : SONY CLIE NX70v/e, 128Mb MS, 256Mb CF, GameCon
Phone : Nokia N-Gage, 32mb MMC, Various Game Titles
| |
| | |
09-17-2003, 05:52 PM
|
#4 | | Senior Member
Join Date: Sep 2002
Posts: 420
| Quote: Originally posted by mattyj2002
Why? It is so easy to crack reg codes, just search the web for 'palm warez' and see how many hits you get!
A few groups of crackers have programs out which just 'patch' the palm apps to make them registered. One of them was used to 'patch' the SEGA GameGear Emulator to work on Sony devices a while back, and to swap the ROMS out etc. |
It depends on the quality of your security scheme. The EruWare CF Driver has never been cracked successfully and people have been actively trying since it was in beta (ppl who run warez sites bought the product because they couldn't crack it).
__________________
Start by doing what's necessary, then what's possible and suddenly you are doing the impossible.
- St. Francis of Assisi
| |
| | |
09-17-2003, 06:04 PM
|
#5 | | Guest | ayasin,
The only reason it hasn't been cracked yet is not because your brilliant security scheme, believe me, bigger and better have failed.
It is simply because you don't offer a trial version and the good crackers can't get their hands on it.
Don't shoot yourself in the foot. | |
| | |
09-17-2003, 07:04 PM
|
#6 | | Senior Member
Join Date: Sep 2002
Posts: 420
| Quote: Originally posted by Unregistered
ayasin,
The only reason it hasn't been cracked yet is not because your brilliant security scheme, believe me, bigger and better have failed.
It is simply because you don't offer a trial version and the good crackers can't get their hands on it.
Don't shoot yourself in the foot. |
In fact the EruWare driver has been floating around warez sites since beta. Any cracker can download it and try to crack it...good luck.
__________________
Start by doing what's necessary, then what's possible and suddenly you are doing the impossible.
- St. Francis of Assisi
| |
| | |
09-18-2003, 11:14 AM
|
#7 | | Registered User
Join Date: Feb 2003
Posts: 1,424
| To my amazement, ayasin wrote:
> ... Any cracker can download it and try to crack it...good luck.
Hmm, let me get this straight...
You are challenging crackers to crack your software ?
I will agree with 'Unregistered' that you shouldn't be trying to shoot yourself in the foot.
----
Once someone does meet your challenge and crack your software, will you then use the DMCA to sue their *** ???
Cracking is an illegal activity. Just because a system hasn't been cracked doesn't mean the technology is good or bad.
BTW: If you want to have a contest to test the robustness of your security system, then please post something on your site giving permission for people to crack your copy protection scheme.
See the whole debacle with the SDMI audio watermarking challenge. The technology was weak, but the fear of the DMCA did prevent people from talking about the weaknesses.
----
This BBS has a pretty good policy on not promoting clearly illegal activity like posting cracked versions.
The knife cuts both ways.
Please do not encorage illegal activity.
[Just my humble advice] | |
| | |
09-18-2003, 03:12 PM
|
#8 | | Senior Member
Join Date: Sep 2002
Posts: 420
| Since I'm considering open sourcing the deal...sure why not  . Additionally the way the protection works unless you can figure out how to talk to the card directly (hence write your own driver) you won't know when you're correct other than that it will keep crashing.
__________________
Start by doing what's necessary, then what's possible and suddenly you are doing the impossible.
- St. Francis of Assisi
| |
| | |
09-18-2003, 04:04 PM
|
#9 | | Registered User
Join Date: Feb 2003
Posts: 1,424
| > Since I'm considering open sourcing the deal...sure why not
Cool!
Please do.
Would let people tweek the behavior and do other mods.
The greater benefit may be in having a sample CF interface and a sample driver with ARM support. A helpful first step in writing other non-storage CF drivers. | |
| | |
07-13-2005, 02:14 AM
|
#10 | | fake site admim
Join Date: Mar 2004 Location: U.S.A., Earth
Posts: 633
| Quote: | Originally Posted by Unregistered ayasin,
The only reason it hasn't been cracked yet is not because your brilliant security scheme, believe me, bigger and better have failed.
It is simply because you don't offer a trial version and the good crackers can't get their hands on it.
Don't shoot yourself in the foot. |
that helps in deterring some crackers, but turns away alot of potential customers | |
| | |
07-13-2005, 09:59 AM
|
#11 | | Registered User
Join Date: Feb 2003
Posts: 1,424
| Just for the record - this is very old news (and a very old thread)
The EruWare driver was discontinued after a legal battle (including a public pissing match on this BBS, part of the implosion of the company almost 2 years ago). My guess is the claims made by "ayasin" on this thread were part of that pissing battle (ie. challenging people to crack the Eruware software, right before he started selling his own competitive product)
A (slightly) more recent on the comparisons - http://www.1src.com/forums/showthread.php?t=31144
My advice remains to use the free Sony driver (hacked or not) http://www.1src.com/forums/showthread.php?t=65488 | |
| | |
07-13-2005, 10:05 AM
|
#12 | | Registered User
Join Date: Dec 2004
Posts: 1,853
| Hi,
I think that a cracker competition for honour may be it. Some individual is asked to crack the version(but he must buy it before), and if he manages to do a patch and submit it first he will be featured on the homepage/get a lifetime free licence/whatever.
What do you think
BTW; I just signed up at HandAngos. So I may better wait-altough it wont affect me because I do the reg code creation myself.
And once again, I am right saying that developer fulfillment is the best fulfuillment  | |
| | |
07-13-2005, 02:17 PM
|
#13 | | Registered User
Join Date: Feb 2003
Posts: 1,424
| > I think that a cracker competition for honour may be it...
This is getting into big-time trouble. The behavior ("cracking") is still illegal in most places - especially in the USA because of the DMCA.
If interested, check out the history of the first "SDMI audio watermarking challenge" circa 2000.
Even with the approval of the owner/creator of the copyrighted/copy-protected material, you may be in violation of the DMCA. After the official challenge is over, unless you delete all copies everywhere, you can still get into trouble.
Needless to say a ~2 year old idle boast on a BBS should not be taken seriously, even if you ignore the specifics of the Eruware company implosion. | |
| | |
07-13-2005, 02:30 PM
|
#14 | | Custom User
Join Date: Jul 2004 Location: Raleigh, NC
Posts: 3,942
| Is this exactly "cracking" in the real sense of the word? It would seem that this is very similar to the debate over open WiFi access, except we have the right to be on this network. If it is what I think it is, they just havent secured the URLs to their downloads, and they dont change, so you just have to find the URL. The best way to secure it would be either to only create the URL when a registered user wanted the download, or to put all downloads on an HTTPS system, so that no unauthorized user would ever have a chance to download the program.
__________________
Brad Green - Enthusiast Extraordinaire...
Sony TG-50, Sony TH-55, Palm TX...TH-55 still the best
| |
| | |
07-13-2005, 05:12 PM
|
#15 | | Registered User
Join Date: Feb 2003
Posts: 1,424
| Sorry for not defining my terms.
I consistently use the term "cracking" to refer to the process of removing copy protection from software. http://encyclopedia.laborlawtalk.com/Software_cracking [one source, you can find other definitions]
Generally viewed as illegal *and* immoral. Discussion of cracking techniques or technology or where to find "cracks"/"warez" is banned on this BBS.
This is compared to "hacking" which a more general term, and can be used for both legal activity or illegal stuff.
WiFi access is a different category. Someone's very general definition could call someone who wardrives a "hacker" or perhaps a "cracker". I would not call it either.
-----
> Is this exactly "cracking" in the real sense of the word?
Depends on your definition. In this context it is *exactly* my sense of the word.
Forget about the terms "cracking" or "hacking" - they have too much baggage.
Take a look at the DMCA (USA law) http://cyber.law.harvard.edu/openlaw/DVD/1201.html
" Sec. 1201. Circumvention of copyright protection systems "
" Violations Regarding Circumvention of Technological Measures. "
"(1A) No person shall circumvent a technological measure that effectively controls access to a work protected under this title."
That is part of the discussion here (but not on that crazy WiFi thread ;-)
Last edited by CliePet : 07-13-2005 at 05:16 PM.
| |
| | | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | 
Posting Rules
| You may not post new threads You may not post replies You may not post attachments You may not edit your posts
HTML code is Off | | | All times are GMT -5. The time now is 05:57 PM. | |
