Now another question: Would it be possible to fake that TCP GET request? Get that file locally and tell the myapp to use that instead?

It would be possible, but its likely that your would-be hacker will do something much simpler: they'll examine your software to find the function that performs the check and replace it with a version of their own that simply reports a valid key, bypassing the online check entirely.

They'll then likely share their patched version (or a patching program) via download sites and torrent trackers so that less technically skilled users can also benefit.

Any software running on your end user's hardware can be modified, and for a skilled cracker it isn't even very hard to do.

Sigh, so what to do?

The most common suggestion -- at least in this community -- is to just forget about it and go DRM free, and for many people this effects their purchasing decision; "DRM free" can be a selling point for many games, as seen on GOG (Good Old Games), Humble Bundle sales, and elsewhere.

Next most common is that you should just go with something a) very quick and simple to implement and, b) that doesn't have any risk of impacting legitimate customers. In your case, it sounds like the suggestion given above of simply displaying the name of the licence holder may help to discourage piracy. It's extremely quick and easy to implement, it's extremely unlikely to introduce any bugs, and there won't be any negative impact for legitimate customers.

Personally, I would just go with one of those.

If you really want to do something more complicated you should probably consider whether or not you can offer online services (such as match-making, multi-player, etc.) that complement your game. You can then prevent pirated copies from accessing your online services.

There are a few groups of people that consume games:

1) People who buy games - these are people that won't visit a pirate site or download a torrent for any reason (not counting Blizzard's patch torrent and stuff like that). Make a good game, and these people will buy it.

2) People who pirate games - these people never pay money for games, so any copies of your game that they get really don't count as 'lost sales', because they were never going to buy your game under any circumstances.

3) People who buy games but avoid DRM - make a good game, and these people will buy it, unless they feel it's "locked down" somehow. Any complicated or "strong" DRM is going to cost you sales with this group.

4) People who sometimes buy games, but sometimes 'pirate' them as well. DRM doesn't really matter to these people - unless the 'legit' version is somehow crippleware. Make a good game, set it at a reasonable price point (what reasonable is for them may or may not be reasonable to you) and they'll buy the game.

5) Impulse buyers - if your game is $20 or under, and the jewelcase has a picture of a hot chick in a chainmail bikini, these people may buy your game.

I may be simplifying this, but I don't think there are any consumers out there saying, "Oh boy! It's got DRM!!!" and buying the game because of it.

If you really want to do something more complicated you should probably consider whether or not you can offer online services (such as match-making, multi-player, etc.) that complement your game. You can then prevent pirated copies from accessing your online services.

yes, keeping part of the game on a server is about the only way, and even then you simply move the battle from their backyard to yours. they can still try the online hack and cheat thing.

Some DRM cause so much trouble even legal users have to use cracked ones.

A few years back Apple was requiring a USB dongle for its 'Pro' audio/video products. Problem was, the damn things were really easy to lose, and a hassle to replace.

Most everyone kept the dongle locked in a safe somewhere, and cracked the software on their laptop to avoid carrying the damn thing around.

Moral of the story: if your software is worth it, people will buy it, and DRM tends to make those paying customers miserable.