Tips and Tricks on optimizing Software License Protection Dongle

www.rockey.com.my

Tips and Tricks on optimizing Software License Protection Dongle

To achieve maximum security of Software License Protection Dongle, one must first understand the core protection concept of the chosen Dongle and plan ahead on how to utilize the provided security features into their protection before actual integration. Below are some useful tips and tricks on optimizing protection in Software License Protection Dongle.

1.Combining API and Envelope
Most Software License Protection Dongle will come with API (Application protocol interface such as DLLs and Object files), where there are various libraries files provided for software vendors to include protection function calls into their source codes. Envelope is whereby the software vendor can make use of the provided shell program to encrypt their application without the need to modify their source code. The best protection will be Envelope after completed the API protection, a combination of both.

2.Updating Protection
As the best protection now might no longer secure few years later, it is very important that the software vendors will keep updating their protection more often. The best practice is to change their protection strategy for different versions or product, do not use the same strategy once for all.

3.Object vs DLL Links
In order to gain higher security, a software vendor should link their applications to the Software License Protection Dongle’s objects instead of DLLs. This is because link by objects will be compiled and integrated as part of the protected application of which will make simulating attacks more difficult.

4.Intelligent use of API Calls
A smart protection should include multiple API calls with different security function calls from various program points. Protection with more various different API calls will definitely harder to trace than protection with few almost similar API calls. Try to make your API Calls more sophisticate.

5.Dummy API Calls
One simple ways to make your protection even harder to hack is to include some dummy API Calls, i.e. some API or security checks that will not have any legitimate reaction. Such method will be able to confuse hackers who will need to spend more effort on analyzing such dummy API calls that they will never know this is not the “real” one.

6.Delay Reaction
Most software vendors practice direct reaction in their implementation should the API calls found no dongle or invalid return, thus hackers are able to back trace the security checking points and then bypassing it. To make your protection even harder to back trace, perhaps you can delay some of your reactions to confuse the hackers, means if detected no dongle or invalid return then keep a validity flag in your program then at later program point only suspend the program.

7.Manipulate Functionalities
Many software vendors include standard response such as displaying error message and suspending program should there is no dongle found or invalid return. Another better ways to make hacking harder is to alter the program functionalities should the dongle not found, such as disable printing report features until a valid dongle is attached. Hacker might not realize there is security check point that restricted the program functionalities.

8.Authenticate instead of compare
Direct comparing value is just too easy to understand, should the dongle product chosen provide possible features to allow software vendors to perform certain authentication such as Checksum after performing predefine security algorithms, use it. Some dongle products provide more advanced security features such as onboard encryption, seed code or random code generation, onboard security algorithms, of which it will maximize protection if we utilize it in the right manner.

To know more about software protection, software licensing protection, software dongle, please visit http://www.rockey.com.my


*************************************************************************************
Website : http://www.rockey.com.my
Contact Email : sales@rockey.com.my
Support for ROCKEY: support@rockey.com.my
Phone : +603-8996 8225
Fax : +603-8996 7225
Categories : Software, Technology, Software Security
Tags : software dongle, software protection, software license protection, encryption tool, software anti debugging tool, software license dongle, control software copy, USB Dongle, Software USB Dongle, affordable dongle, strong encryption dongle, cost effective dongle

What's New on ROCKEY4ND

contact : www.rockey.com.my

What's New on ROCKEY4ND?

ROCKEY4ND is our enhanced version of the most popular ROCKEY4 model. We develop ROCKEY4ND based on our customers' suggestions together with our market study. This new model will definitely add stronger momentum to make ROCKEY4 ahead of the other similar products in the market.

New Features are:

Driverless

Completely Plug & Play without the need to install any device driver, the supported operating System (Win98SE/ME/2000/2003/XP/Vista?Window7(beta)/Linux/Mac OS X) will recognize ROCKEY4ND as an HID device in the system. Perfect solution to eliminate potential end user technical support issue arise on device driver.

Bigger Memory

ROCKEY4ND come with total 1000 bytes User Data Zone, i.e. 500 bytes low memory area which can be read/written with Basic Passwords (P1 & P2) and 500 bytes high memory which can only be written with Advanced Passwords (P3 & P4) but still readable with Basic Passwords (P1 & P2).

More Modules

ROCKEY4ND has increased Module Zones from previously 16 Modules to now 64 Modules. You can now protect up to 64 software modules/products with a single ROCKEY4ND.

More Algorithms

ROCKEY4ND comes with 128 User Definable Algorithms which will allow developers to include more comprehensive security algorithms as they wish.


64-bit Protection

ROCKEY4ND provides protection not only for 32-bit applications running on 64-bit Operating System, but also for 64-bit native applications.


100% Compatible with old ROCKEY4

ROCKEY4 programs can be seamlessly migrated to ROCKEY4ND without the need to modify source code. All the APIs are the same except the dll/lib files, what you need to do is just replace the old dll/lib files.


*************************************************************************************
Website : http://www.rockey.com.my
Contact Email : sales@rockey.com.my
Phone : +603-8996 8225
Fax : +603-8996 7225
Categories : Software, Technology, Software Security
Tags : software dongle, software protection, software license protection, encryption tool, software anti debugging tool, software license dongle, control software copy, USB Dongle, Software USB Dongle,





*************************************************************************************

What is ROCKEY4 Software Protection and how ROCKEY4 Protection work?

www.rockey.com.my

What is ROCKEY4 software protection dongle?

ROCKEY4 is an advanced software protection system that attaches to the parallel or USB port of a computer. Your software may be duplicated, but it will only run when your ROCKEY4 dongle is attached to the computer. Your application will interact with ROCKEY4 at start-up and during runtime, No Dongle means No License to execute your software. You can also limit the use of your software which is very common in the software industry for DEMO purposes or SHAREWARE.

In the case of software developers offering multiple modules, ROCKEY4 allows you to protect up to 16 applications per dongle at any one time (ROCKEY4ND now support 64 modules). Since every ROCKEY4 dongle comes with a unique ID, software developers can even restrict the application to only allow to execution with a particular dongle.

Unlike some competing products, ROCKEY4 is in fact a powerful miniature computer, with a CPU, memory and specialized firmware that allows for robust interaction with your application. You may write algorithms that are securely stored in the dongle, and then call those algorithms from time to time in your application. This method for software protection is almost impossible to crack. Although designed for high level security, it is also relatively easy to implement.

There are three common ways of implementation:

1. Enveloping (shell)

In the ROCKEY4 SDK CD, there is an Enveloper program which allows software developers to encrypt any executable files in a few simple steps. This solution does not require any programming skills and is an ideal solution if you do not posses the source code for the application.

2. API

The ROCKEY4 API is where software developers can integrate the highest protection from ROCKEY4 by calling specialized instructions into the application source code. You will find many useful API samples for all the popular programming languages as listed below:

API32 Samples

* ActiveX (Delphi 4, JavaScript, Visual Basic 6, VBScript, Word)
* Borland C/C++ 5.02
* C++ Builder 3/4/5/6/Pro
* Delphi 3/4/5/6/7/2005/2006/2007
* DLL (Access 2000, ASP, FoxPro, LabView, PowerBuilder, VB6, VC6, MFC)
* Fortran Power Station
* Java
* AutoCAD for Windows 13/14
* Visual C++ 6.0
* Visual Studio .net

API16 Samples

* MASM 6.x
* Borland C/C++ 5.02
* Delphi 1.0
* Tool Book 3.0
* Visual Basic 3.0
* Visual Basic 4.0
* Visual C/C++ 1.52

DOS Samples

* Borland C/C++ 3.1/4.5
* Clipper
* FoxPro 2.5/2.6
* Microsoft C/C++ 7.0
* QuickBasic 4.5
* Turbo C 2.0
* Turbo Pascal 7.0
* Watcom C/C++ 10/11
* Novell 5.0 NLM

3. Enveloping (Shell) + API

A secure system combining both the API and Enveloping methods, thus will establish greatest level of protection for your software.




*********************************************************************************

Website : http://www.rockey.com.my
Contact Email : sales@rockey.com.my
Phone : +603-8996 8225
Fax : +603-8996 7225
Categories : Software, Technology, Software Security
Tags : software dongle, software protection, software license protection, encryption tool, software anti debugging tool, software license dongle, control software copy

*********************************************************************************