here's the comment area for today's blog post found at
http://zabkat.com/blog/keygen-safety-part-2.htm
blog: xplorer2 1 - pirates 1
Moderators: fgagnon, nikos, Site Mods
There's something rather indicative about roosting chickens when an article starts with:
...and ends with...in a classic case of tempting fate and insulting the Olympian gods with my mortal's arrogance
Didn't Archimedes discover that it's never a good idea to piss into the wind?Only time will tell, but dear hackers please get your act together because as things stand you are beaten <g>
ZABKAT.xplorer2.Pro.v2.1.0.2.Multilingual.Incl.Keymaker-ZWT
Hopefully you learned your lesson..:) (yes, I have my own very legal license to this software so I have nothing to fear...). Ok, I must admit, this is for Pro version which have less secure protection (if I understood correctly) but I think this version is enough for most of person who are using xplorer2 instead of some other similar softwares. In functional point of view, they are pretty much identical so ultimate version isn't even required for most of us.
I know you don't agree my opinion, but if you ask me, copy protections are waste of time. If you, instead, focus to keep your software as highquality as possible, people will pay for it, even it's available as a "warez" somewhere. That's what I have been doing... I have been purhasing alot of licenses to softwares which have been long time available as a warez version. Why I'm acting like this? Answer is simple: I like those softwares SO much I feel I can support developers to keep up the good work (those developers _listen_ to their users and try to keep them happy as well as possible). I'm not saying, you're not listening your audience but ... something tells me, listening a little bit more and giving up in some principles, you could win more loyal users (who purhaces their licenses from you).
All the best from Finland!
Hopefully you learned your lesson..:) (yes, I have my own very legal license to this software so I have nothing to fear...). Ok, I must admit, this is for Pro version which have less secure protection (if I understood correctly) but I think this version is enough for most of person who are using xplorer2 instead of some other similar softwares. In functional point of view, they are pretty much identical so ultimate version isn't even required for most of us.
I know you don't agree my opinion, but if you ask me, copy protections are waste of time. If you, instead, focus to keep your software as highquality as possible, people will pay for it, even it's available as a "warez" somewhere. That's what I have been doing... I have been purhasing alot of licenses to softwares which have been long time available as a warez version. Why I'm acting like this? Answer is simple: I like those softwares SO much I feel I can support developers to keep up the good work (those developers _listen_ to their users and try to keep them happy as well as possible). I'm not saying, you're not listening your audience but ... something tells me, listening a little bit more and giving up in some principles, you could win more loyal users (who purhaces their licenses from you).
All the best from Finland!
Re: blog: xplorer2 1 - pirates 1
That sucks... hunikos wrote:here's the comment area for today's blog post found at
http://zabkat.com/blog/keygen-safety-part-2.htm
"1024 bit RSA encryption" can't be brute-forced, I'm not sure tho.
3.1.0.1 ULT [Unicode] x64 11/12/15
When a FBI I.T. security expert was asked at a conference why he had two notebooks, his reply was, "one computer NEVER goes online and it has all my important information, the other computer is my online notebook which is only used for online work".
A black hat friend told me that the above approach was the most secure way of protecting a computer from being "quietly owned".
There are dozens of brilliant young minds out there dedicated to zeros and one's always looking for a challenge, if one throw's down the gauntlet hold onto your white hats for the internet will become the wild west...or is it already ?...
A black hat friend told me that the above approach was the most secure way of protecting a computer from being "quietly owned".
There are dozens of brilliant young minds out there dedicated to zeros and one's always looking for a challenge, if one throw's down the gauntlet hold onto your white hats for the internet will become the wild west...or is it already ?...
Humm,
if somebody in the year 2012 says that 512-bit RSA isn't breakable, that person shouldn't be calling himself an RSA expert, and you should stop taking advice from him.
And, since you have to upgrade, why move to just 1024-bit? You should've gone 2048-bit - and found some real expert (no, that's not me
) to discuss key generation with. As I've already mentioned, asprotect had it's RSA-1024 (iirc) fully broken back in 2001 (where there was a lot less CPU power available), because of bad PRNG implementation. Same kind of thing happened for Debians SSH keys back in 2008.
A weakness in your keys (or just a bit of bruteforcing on a cloud service - RSA-512 isn't that bad these days) is much more likely than ZWT hacking any of your systems.
if somebody in the year 2012 says that 512-bit RSA isn't breakable, that person shouldn't be calling himself an RSA expert, and you should stop taking advice from him.
And, since you have to upgrade, why move to just 1024-bit? You should've gone 2048-bit - and found some real expert (no, that's not me
) to discuss key generation with. As I've already mentioned, asprotect had it's RSA-1024 (iirc) fully broken back in 2001 (where there was a lot less CPU power available), because of bad PRNG implementation. Same kind of thing happened for Debians SSH keys back in 2008.A weakness in your keys (or just a bit of bruteforcing on a cloud service - RSA-512 isn't that bad these days) is much more likely than ZWT hacking any of your systems.
there are many known vulnerabilities e.g. the old openssl bug, and more
we'll have to wait and see if an ultimate keygen is released or not, that will answer all the questions
we'll have to wait and see if an ultimate keygen is released or not, that will answer all the questions
All this hassle regarding keygens... what will you do when a valid license file is leaked?
Distributing trials as demos with limited functionality solves the issue with having to worry about keygens or even trial circumvention methods like sandboxes. Of course, you would then have to send full versions to paying customers and you would not have to be concerned with piracy then more than you would be concerned now with leaked license files.
Distributing trials as demos with limited functionality solves the issue with having to worry about keygens or even trial circumvention methods like sandboxes. Of course, you would then have to send full versions to paying customers and you would not have to be concerned with piracy then more than you would be concerned now with leaked license files.