Comments on: AquaticPrime Warning

By: Justin

Justin — Wed, 18 Mar 2009 03:07:09 +0000

Forgot the other important part, there would also be a second invalid “test” key, so it would also check to make sure the invalid key was rejected. Doing this would also cover the scenario where it was modified to accept all keys.

By: Justin

Justin — Wed, 18 Mar 2009 03:05:24 +0000

Wouldn't it be possible to embed an encrypted “test” key into the app? That way you could run the test key, make sure it shows as valid, then run the real key. If someone used the input manager crack, then the “test” key wouldn't be accepted. Then, in order to crack the app, the encryption on the “test” key would have to be broken too.

By: Justin

Justin — Tue, 17 Mar 2009 23:07:09 +0000

By: Justin

Justin — Tue, 17 Mar 2009 23:05:24 +0000

By: Amaury

Amaury — Mon, 21 Aug 2006 17:36:52 +0000

Thank you for your work, Lucas. AquaticPrime is very clear and well documented.
However, if this framework is not the best one, what are the alternative solutions I can use ?
Anybody can write a state-of-art ?

By: Amaury

Amaury — Mon, 21 Aug 2006 16:36:52 +0000

Thank you for your work, Lucas. AquaticPrime is very clear and well documented. However, if this framework is not the best one, what are the alternative solutions I can use ? Anybody can write a state-of-art ?

By: Red Sweater Links » Blog Archive » Cracking AquaticPrime

Red Sweater Links » Blog Archive » Cracking AquaticPrime — Wed, 14 Jun 2006 13:53:26 +0000

[...] Link. [...]

By: Lucas Newman

Lucas Newman — Thu, 08 Jun 2006 23:06:57 +0000

Daniel: I personally am not going to make an changes to AquaticPrime interface at this point. I spend 60 hours a week programming full time for Delicious Monster, so the idea of taking my spare time to fight with crackers and bicker with other developers over the relative [in]security of my framework is not very appealing, to say the least, especially when dealing with an “unsolvable” problem like runtime patching and binary modifications. I made the entire framework open source, so if these changes are trivial, I would be happy to accept a patch from you, which I will roll into the distribution for future versions.

By: Lucas Newman

Lucas Newman — Thu, 08 Jun 2006 22:06:57 +0000

By: Allan Odgaard

Allan Odgaard — Thu, 08 Jun 2006 17:10:12 +0000

schwa: this is why I suggested above that AP stores the public key encrypted â€” this should avoid the ability to blindly replace the key via some universal application.

FYI I do that in TM â€œjust to be sure,â€ though I have seen several cracks of my application, but never have they targeted the public/private key system, as there is generally an easier way to get the application working as was it registered, in fact I would bet that many of the cracks done for TM took less than 30 minutes to produce, as the cracker just run the application in a debugger, and then figures out where to insert nopâ€™s.