From: astral on

"Dave -Turner" <admin(a)127.0.0.1> wrote in message
news:A7-dnfHOFownvpLRnZ2dnUVZ8rudnZ2d(a)westnet.com.au...
>> And then the "ask for password" routine replaced by something that
>> always says "succeeded"
>
> Yes, but you'd still need to know the password first though to get to that
> stage.
>
>
-----------
it possible to strip PE header and replace with stub, make stub strongly
obfuscated (can not be encrypted, but obfuscated);
stub will decryped AES-256 encrypted image. It can takes a months and years
to decrypt it.
It doesn't matter that the executable can be dumped from memory after it's
been decrypted and loaded.

From: unruh on
On 2010-06-09, Dave -Turner <admin(a)127.0.0.1> wrote:
>> And then the "ask for password" routine replaced by something that
>> always says "succeeded"
>
> Yes, but you'd still need to know the password first though to get to that
> stage.

Yes, but these things are often introduced as anti copying procedures.
Thus one password can get your 100000 useable copies.

>
>
From: Phil Carmody on
"Dave -Turner" <admin(a)127.0.0.1> writes:
> > And then the "ask for password" routine replaced by something that
> > always says "succeeded"
>
> Yes, but you'd still need to know the password first though to get to that
> stage.

If you don't trust the person to whom you are giving the password
not to pass the password on, then you may as well assume the password
will leak out.

If you do trust the person to whom you are giving the password not
to pass the password on, then why don't you trust him to not pass
the software on if you give it to him without the password "protection"?
And why do you want to constantly annoy him by asking him for a
password each time he runs the program?

This use of passwords is pure snake oil.

Phil
--
I find the easiest thing to do is to k/f myself and just troll away
-- David Melville on r.a.s.f1