I worked for a company called Freeloader. They had a business model of buying distribution rites for PC games, splitting them into downloadable modules, and giving them away.

Money came in from advertising.

I would get a copy of the game from whatever shop had it in stock, remove the copy protection, and then split the game up into modules.

Removing the copy protection took on average 20 minutes. One game did take me four days, but the average was a few minutes.

Commercial copy protection systems were the easiest to get rid of as the technology only had to be understood once.

When I worked at Gremlin Graphics, Fungus The Bogeyman did once add a string to one of his games. He left "Hacked by Fungus" and his phone number in the game image.

About two weeks after release, someone called up to say "Thanks for hacking the game"

You could add something to have the username of the person appear on the legit products. That will make pirates feel bad whenever they see the name of the first pirate on their pirate product >:3

I was actually thinking of something along these lines. More or less a name and shame, have the details of the initial leak plastered all over the screen.

If you really want to add anti-piracy:

Release a purposefully 'cracked' and 'buggy' version of your dll to pirate websites (high-cpu usage, frequent crashes, ect). Several versions infact, make them seem as legit as possible. You can even add a time delay to make it seem like it works perfectly at first. Having an already released 'cracked' version of you software will also deter crackers from actually cracking it too since they think its already been done and if they do crack it.. it will be just be mixed in with your version.

This should really frustrate the pirate community. Though, I'm not sure if that will result in more sales for you

I heard of an instance where on company did this and the reviewers got a hold of the 'dodgy' version and the program was reviewed on the faulty merits. This apparently killed sales as the reviewers said 'dont buy it'.

I am wondering, should I also add an internal 'kill switch', so the DLL communicates back to a server to see if it is 'valid'. Ie. kill the leaked DLL's?

If you manage to install software on a user's computer, have it call home, and delete or modify files on the user's computer under remote instruction without the user's permissions you have committed a criminal act in many jurisdictions and immoral act in all of them.

Not at all, there would be no modifications to the file system at all.

It would communicate to the server > ask if vaild > if response==false > don't operate.

Simple..

[edit]

To clear things up. It wouldn't be a criminal act if the user obtained the software illegally in the first place?

I'd love to see that stand up in court. "I downloaded this i'llegal software but it won't run on my machine". "Err, I want my money back?".

If you manage to install software on a user's computer, have it call home, and delete or modify files on the user's computer under remote instruction without the user's permissions you have committed a criminal act in many jurisdictions and immoral act in all of them.

So... license validation is illegal and immoral? Software updates are illegal and immoral? Copyright protection is illegal and immoral?

The OP is talking about selling software, which no doubt would come with reasonable terms and conditions. The buyer would be aware of any 'phone home' checks in place.

Even if the file was programmed to delete itself from the users hard disk if it was detected to be illegal, does 'ownership' of the illegal file then pass to the pirate just because it is resident on the hard disk?

Microsoft would be screwed if this were the case with all of those Windows 8 Trial copies on peoples computers that will 'blue screen of death' when the trial period is over. It is a case of trial is over, therefore access is over.

Sounds like that, too, would be cracked, by someone who figures it out, and replaces that code with either one that brute force increments the GUID until it finds one that is accepted, or generates one from your own machine that is unlikely to collide with anyone else's.

my most popular game got hacked. losses were so bad i had to fold the company.

Man, that is terrible. Proof of what can happen to a good product.

If my library takes off as well as I think it will, I am sure that it will be hacked in no time. That is my biggest worry.

So, I have no idea what I should do to protect my IP in this case.