Cracking into a crack

 

Put simply, cracking is modifying software so that it skips a security check, or finding dummy data (which looks like correct/authentic information) that satisfies the check.

 

For example, some software will work for 30 days from the date of installation. To overcome this, you need to either tell the system that the 30 days are not over, or that this is a licensed version and the expiry date check should not be carried out. In the old days, software used to take the system date to calculate the expiry date, and the user could simply change the system date (an old trick… it will not work nowadays). Now the installation date is encrypted and stored in some unknown/random location. Or there may be a hardware lock or a CD check (to run the software, you need to insert a particular CD-ROM in the drive).
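As an added example (not code from any real product), here is the old system-date check next to a trial check that keeps a tamper-evident record and notices when the clock has been set back. The key, the record layout and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import json

TRIAL_DAYS = 30
DAY = 86400
KEY = b"constructed-demo-key"  # assumption: placeholder key for the sketch

def _mac(body: str) -> str:
    return hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()

def seal(state: dict) -> str:
    """Serialize the trial state together with an HMAC over it."""
    body = json.dumps(state, sort_keys=True)
    return json.dumps({"body": body, "mac": _mac(body)})

def unseal(blob: str):
    """Return the state dict, or None if the record is malformed or altered."""
    try:
        rec = json.loads(blob)
        if not hmac.compare_digest(rec["mac"], _mac(rec["body"])):
            return None
        return json.loads(rec["body"])
    except (ValueError, KeyError, TypeError):
        return None

def naive_check(install_ts: int, now: int) -> bool:
    """Old-style check: trusts the system clock alone."""
    return now - install_ts < TRIAL_DAYS * DAY

def hardened_check(blob: str, now: int):
    """Return (verdict, blob_to_store).

    verdict is 'ok', 'expired', 'tampered' or 'clock_rollback'.
    """
    state = unseal(blob)
    if state is None:
        return "tampered", blob
    if now < state["last_seen"]:
        # The clock is earlier than the last recorded run.
        return "clock_rollback", blob
    state["last_seen"] = now  # remember the latest time ever observed
    expired = now - state["installed"] >= TRIAL_DAYS * DAY
    return ("expired" if expired else "ok"), seal(state)
```

The key ships inside the application, so this only raises the bar above changing the date; it does not survive someone who reads or patches the binary, which is where the rest of this post goes.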

 

So the cracker uses a disassembler to get at the application's code in assembly form. This enables the cracker to find the subroutine that does the security check. Then he/she adds or removes lines and parameters in the code, in any of the ways below (there may be more ways; we are discussing only a few of them):

 

01. The cracker's code always adds one more day to the expiry date every time you run the application.

02. Or, remove/bypass the subroutine that checks the expiry date.

03. Supply the credentials of a licensed version (like a serial number, authentication code, etc.).

Bypassing the subroutine is mainly used when a hardware or disk check comes into the picture. Some time back (during the end of the 80s and early 90s), software companies used a key disk to guard against illegal copying. One of the techniques I saw was to create a bad sector on the floppy (make a mark on the disk using a safety pin), find the exact location of the bad sector (through software) and hard-code it in the application. When you run the application, it prompts you for the key disk. Then the application checks for a bad sector in that exact location. It was pretty cool and efficient, till people found out how it works. (There were stories of people making a disk full of bad sectors and trying it…)

 

Then came the hardware locks. You get a small box, which can be connected to the parallel port (LPT1 or LPT2), and the application checks for its presence. These locks contain a small memory with some data in it. This was cracked by taking the EPROM out of the box and copying the content!!! Then came the disassemblers, which bypass the security check.

 

But in most cases, a disassembler is used by a skilled (in fact very skilled) programmer, and the programmer publishes the cracked version of the application.

 

The cracker does most of the job in assembly language. Most software cracking is the modification of an application's binary to cause or prevent a specific key branch when the program is executed. So this requires high expertise in programming and understanding of code, and in most cases a group of programmers works together. They keep in contact through the internet and may not know each other personally. It is much like the hacker groups.

 

Whatever they crack, IT IS ILLEGAL, and using a cracked application is also ILLEGAL. Anything and everything about piracy is always under debate. Though people appreciate and respect the knowledge of the crackers, they are causing damage to the companies that spend money and time on developing applications. At the same time, people talk about companies locking products that the user has paid for.

 

Next-Generation Secure Computing Base (NGSCB, known as Palladium) from Microsoft is believed to take care of most of the cracking techniques. NGSCB is rather a hardware technology, which will enable fast random number creation based on a cryptographic chip. This makes the keys very, very secure. This technology uses inputs from Trusted Computing (TC).

 

There are two hardware components in a TC model: a Trusted Platform Module (TPM) and a co-processor. The TPM is a very secure store for the cryptographic keys, and the co-processor is the brain.

 

In the software part (of TC), there are again two components: the Nexus and Nexus Agents. While the Nexus is part of the OS kernel, a Nexus Agent is a module present in NGSCB-enabled applications.

 

TC is believed to deliver better products, which are tough to crack and hard for viruses. But it is also believed that TC is incapable of meeting what users want and that it increases vendor lock-in, which will reduce competition in the IT field.

 

But in the IT world, whenever there is a solution, there is always a back door. So the saga continues…