# Yarr Buster a software anti-piracy protection technique

## Recommended Posts

Octarinne    123
Hello,

I've been working on a protection technique that I think has never been tried. I protects a program by encoding the serial protection in the source and generating a unique .exe for every user. Each serial can only be used with the corresponding .exe. If you want to see some source and know more about this technique, please visit the Yarr Buster site here:

http://software.collectionsbp.com/YarrBuster/

and let me know what you think here!

##### Share on other sites
Sounds cool, but what's to prevent a hacker from just copying the program, with the same serial key? Couldn't he just distribute his key with his version of the program?
Even if a developer makes the serial key "call home" to verify it's not been used before, the hacker could merely disable the call home part, and the whole thing falls apart. (Security is only as strong as the weakest link - break the weakest part and everything else doesn't matter)

Quote:
 7 - Unprotect code that should be fast by loading the original project and copying the old code over the protected code that should not be protected.

What if the project is thousands of files, and hundreds of thousands of lines of code? You'd have to copy and paste plenty of the original code, manually.
Wouldn't a better idea be to use source comments, and do something like this:
..code I don't want protected (due to speed issues or whatever).//<YarrBuster>..code that Yarr buster can mess with.//</YarrBuster>..code I don't want encrypted.

[Edited by - Servant of the Lord on October 10, 2010 4:47:04 PM]

##### Share on other sites
Octarinne    123
Quote:
 Original post by Servant of the LordSounds cool, but what's to prevent a hacker from just copying the program, with the same serial key? Couldn't he just distribute his key with his version of the program?

You're right. He could. You could always link the serial to the hard disk of the user but I personally don't like this since I like to be able to install software after a long time on a new system. The technique I am proposing is not 100% efficient but it's the most effective technique I could come up with that isn't penalizing to a legitimate user.

Quote:
 Even if a developer makes the serial key "call home" to verify it's not been used before, the hacker could merely disable the call home part, and the whole thing falls apart. (Security is only as strong as the weakest link - break the weakest part and everything else doesn't matter)

The call home thing is for program that require an on-line connection to use like on-line games for example. My technique would ensure that only legitimate users could connect. Still, without my technique if the server checks for a correct serial it should avoid piracy as far as I know.

Quote:
 Wouldn't a better idea be to use source comments, and do something like this:..code I don't want protected (due to speed issues or whatever).//..code that Yarr buster can mess with.//..code I don't want encrypted.

Yes it would, excellent idea. The source I have provided is only a prototype to demonstrate how the protection works, there's room for improvements. Thanks for your comments and suggestion!