Software protection is required to protect the investments and the profitability of a software product, especially for standalone applications in desktop environments.
The static analysis of an executable can reveal details about its inner workings and the software design. As an example, it may be possible to extrapolate URLs from text strings and login credentials used by the program to receive remote updates or to interface with license management systems.
Programs written in bytecode languages can be easily disassembled. This makes it possible to recover the source codes from the executable, modify them to avoid any limitations, and thus unlock all software features.
This can damage the profitability of the product and, in some cases, compromise the manufacturer's intellectual property.
In other cases, some vulnerabilities can be exploited to spread malicious third-party software. In this case, the major risk consists in the loss of reputation and credibility.
Each protection system has weaknesses that can expose the software to improper use, so no defense strategy, however elaborate, is bulletproof.
However, it is possible to apply several methodologies with the purpose of hindering the reverse engineering process, reducing the chances of success for attackers with a medium-low level of skills.
Our services include the analysis and implementation of various protection strategies:
- Static analysis of the executable aimed at identifying vulnerabilities
- Stripping and obfuscating of executables written in bytecode languages
- Implementation of anti-debugging solutions
- Compression and encryption of the executable by loader
- Implementation of anti-tampering techniques
License management systems
The licenses of use distributed with commercial software allows to legally restrict the use of all software features, or just a part of them, to buyers only.
Time-based license strategies, the measurement of resource consumption, the ownership of a soft or physical dongle can be used to enforce such policies.
License management systems make use of various cryptographic schemes to protect license information from the risk of manipulation.
Once more, no license system is 100% effective, but it is always possible to implement defense strategies that will be sufficient in many contexts.
Our services include the integration of licensing systems:
- Software licensing systems based on asymmetric cryptographic schemes
- Licensing systems based on hardware dongle with USB interface