If you have a problem or need to report a bug please email : support@dsprobotics.com
There are 3 sections to this support area:
DOWNLOADS: access to product manuals, support files and drivers
HELP & INFORMATION: tutorials and example files for learning or finding pre-made modules for your projects
USER FORUMS: meet with other users and exchange ideas, you can also get help and assistance here
NEW REGISTRATIONS - please contact us if you wish to register on the forum
Users are reminded of the forum rules they sign up to which prohibits any activity that violates any laws including posting material covered by copyright
Does any one have this pc Mac adress protection?
49 posts
• Page 2 of 5 • 1, 2, 3, 4, 5
Re: Does any one have this pc Mac adress protection?
I actually have a simple serial thingy , probably sufficient and when I say sufficient I mean , makes the plugin look a bit more legit
-
lalalandsynth - Posts: 600
- Joined: Sat Oct 01, 2016 12:48 pm
Re: Does any one have this pc Mac adress protection?
.
Last edited by MichaelBenjamin on Mon Sep 21, 2020 10:44 am, edited 1 time in total.
- MichaelBenjamin
- Posts: 275
- Joined: Tue Jul 13, 2010 1:32 pm
Re: Does any one have this pc Mac adress protection?
It's really simple to make a code that no-one can crack.
Just use ruby or something that can use preg_replace or similar, in the case of array match and replaces.
Next, make sure you use an algorithm to de-scramble and scramble based upon a few unique codes.
So, mac address / hd code and random code. Make sure the random code is based upon the mac address so that your javascript / php can detect that the two are akin.
If you like I could write you something uncrackable by anything. It dawned on Me 14 years ago how easy it is in the case of mysql db and the lack of md5.
Just use ruby or something that can use preg_replace or similar, in the case of array match and replaces.
Next, make sure you use an algorithm to de-scramble and scramble based upon a few unique codes.
So, mac address / hd code and random code. Make sure the random code is based upon the mac address so that your javascript / php can detect that the two are akin.
If you like I could write you something uncrackable by anything. It dawned on Me 14 years ago how easy it is in the case of mysql db and the lack of md5.
-
wlangfor@uoguelph.ca - Posts: 912
- Joined: Tue Apr 03, 2018 5:50 pm
- Location: North Bay, Ontario, Canada
Re: Does any one have this pc Mac adress protection?
wlangfor@uoguelph.ca wrote:I
If you like I could write you something uncrackable by anything. It dawned on Me 14 years ago how easy it is in the case of mysql db and the lack of md5.
Yes, please show us
- adamszabo
- Posts: 667
- Joined: Sun Jul 11, 2010 7:21 am
Re: Does any one have this pc Mac adress protection?
Everyone,
We can say that there is a way to make an application extremely time consuming and more difficult to crack. But we can never say it is "uncrackable by anything". You can try to encrypt, scramble, obfuscate, skew the data or make the application check on id, cpu, mac address, key fob or token etc.
A very patient person with lots of time and tenacity that has skills in ASM with a fast cpu/gpu can crack your application. I am not bashing anyone here that may have thought differently because I feel it is my duty to bring awareness and I do not want people to have a false sense of security to release something and assume it can't be cracked. Go back to what I said in the first line. Even symmetric AES 256 can be cracked some day, it depends on "time"+CPU power. The concern today is quantum computers will do this rather quickly and make everything we have today totally useless. The biggest challenge, the application has to run in memory in order for it to work and a memory dump or scan is where this will happen.
MD5 & sha-1 is a one way hash which has been outdated for password hashing. It is still used for app/file integrity checks.
So how that would work for passwords? The hash(password) is passed to and compare it to the hash stored in the DB. Today you can buy rainbow tables that already has hashed tables stored with every possibility imaginable. The other way is to pay a small fee and upload the hash to a "password cracker" cloud to be cracked, it may have already been cracked. I went off on a tangent and I could keep going on and on. Today Sha-2 , 3 are used for important things like signatures and applications. This site for instance is not secure, do not use a password here that you would consider using somewhere else. You have been warned.
We can say that there is a way to make an application extremely time consuming and more difficult to crack. But we can never say it is "uncrackable by anything". You can try to encrypt, scramble, obfuscate, skew the data or make the application check on id, cpu, mac address, key fob or token etc.
A very patient person with lots of time and tenacity that has skills in ASM with a fast cpu/gpu can crack your application. I am not bashing anyone here that may have thought differently because I feel it is my duty to bring awareness and I do not want people to have a false sense of security to release something and assume it can't be cracked. Go back to what I said in the first line. Even symmetric AES 256 can be cracked some day, it depends on "time"+CPU power. The concern today is quantum computers will do this rather quickly and make everything we have today totally useless. The biggest challenge, the application has to run in memory in order for it to work and a memory dump or scan is where this will happen.
MD5 & sha-1 is a one way hash which has been outdated for password hashing. It is still used for app/file integrity checks.
So how that would work for passwords? The hash(password) is passed to and compare it to the hash stored in the DB. Today you can buy rainbow tables that already has hashed tables stored with every possibility imaginable. The other way is to pay a small fee and upload the hash to a "password cracker" cloud to be cracked, it may have already been cracked. I went off on a tangent and I could keep going on and on. Today Sha-2 , 3 are used for important things like signatures and applications. This site for instance is not secure, do not use a password here that you would consider using somewhere else. You have been warned.
-
pshannon - Posts: 144
- Joined: Fri Jan 02, 2015 3:08 am
Re: Does any one have this pc Mac adress protection?
It's totally possible but you can't rely on any encoding technique. Everything has to be your own replace algorithm. There's no way to crack something unique.
so, avoid any used method, avoid all existing cyphers. Hell, even if you were to replace the alphabet, do you think there's an intelligent decoding program like in csi that cracks it? lol, this is reality man.
Nothing in the business can crack unique tbh, but must people don't want to think things through like that haha.
OK, I will. But I gave My word I'd finish something to Nix first and then I'll share.
EDIT: I was thinking too, I should make something for flowstone plugin sellers that includes the ability for customers to provide positive feedback. Then they get discounts.
It's a sweet idea, it's so annoying for customers to comment, if it was easy like it is sometimes in wordpress it'd be nice. I guess the trick comes down to coming up with a unique encryption. And then actually reading the response. That can be done with a php image maker. Hmm *looks.
so, avoid any used method, avoid all existing cyphers. Hell, even if you were to replace the alphabet, do you think there's an intelligent decoding program like in csi that cracks it? lol, this is reality man.
Nothing in the business can crack unique tbh, but must people don't want to think things through like that haha.
adamszabo wrote:wlangfor@uoguelph.ca wrote:I
If you like I could write you something uncrackable by anything. It dawned on Me 14 years ago how easy it is in the case of mysql db and the lack of md5.
Yes, please show us
OK, I will. But I gave My word I'd finish something to Nix first and then I'll share.
EDIT: I was thinking too, I should make something for flowstone plugin sellers that includes the ability for customers to provide positive feedback. Then they get discounts.
It's a sweet idea, it's so annoying for customers to comment, if it was easy like it is sometimes in wordpress it'd be nice. I guess the trick comes down to coming up with a unique encryption. And then actually reading the response. That can be done with a php image maker. Hmm *looks.
-
wlangfor@uoguelph.ca - Posts: 912
- Joined: Tue Apr 03, 2018 5:50 pm
- Location: North Bay, Ontario, Canada
Re: Does any one have this pc Mac adress protection?
This would be a good way to create an image that provides encoded data like a barcode. I wasn't sure if the post or data pull technique works ok, so you could always use the image download technique easily.
https://www.thesitewizard.com/php/create-image.shtml
I guess I'll sort out how to do that, and how to create a unique identifier key that cannot be re-created or faked for things like queries and customer feedback. Things like discounts and bargains which can be redeemed automatically for instance, even adding a a product to a cart or wishlist from the plugin itself, totally doable.
A heck of a way to get positive feedback from a vst, they won't even have to open their browser. I'll make it into a php file live test, provide the live test environment and a flowstone schematic as soon as I am done the new freq 2 (inspired by a phonicsaudio.com design) Then we can all see if it works.
It does obviously raise the dilemma however that suggests you'd want to have many products to validate the necessity of having such discounts.
Robert
https://www.thesitewizard.com/php/create-image.shtml
I guess I'll sort out how to do that, and how to create a unique identifier key that cannot be re-created or faked for things like queries and customer feedback. Things like discounts and bargains which can be redeemed automatically for instance, even adding a a product to a cart or wishlist from the plugin itself, totally doable.
A heck of a way to get positive feedback from a vst, they won't even have to open their browser. I'll make it into a php file live test, provide the live test environment and a flowstone schematic as soon as I am done the new freq 2 (inspired by a phonicsaudio.com design) Then we can all see if it works.
It does obviously raise the dilemma however that suggests you'd want to have many products to validate the necessity of having such discounts.
Robert
-
wlangfor@uoguelph.ca - Posts: 912
- Joined: Tue Apr 03, 2018 5:50 pm
- Location: North Bay, Ontario, Canada
Re: Does any one have this pc Mac adress protection?
I installed xampp, and now have an offline wordpress install.
Tomorrow I will get instructions and kits showing how to make a wp plugin. I will make plugins to do all of things as well as mods for EDD.
If you want woo commerce, I dunno; maybe if I'm paid; otherwise free. I'll be adding this functionality to the new Freq 2 based on a design by phonicsaudio.com.
The first thing I will incorporate is update awareness and language. Furthermore it will allow users to provide feedback from the plugin itself which will show up on the site.
I'll need some testers, please speak up and I'll get the files to you when they're ready.
Robert
Tomorrow I will get instructions and kits showing how to make a wp plugin. I will make plugins to do all of things as well as mods for EDD.
If you want woo commerce, I dunno; maybe if I'm paid; otherwise free. I'll be adding this functionality to the new Freq 2 based on a design by phonicsaudio.com.
The first thing I will incorporate is update awareness and language. Furthermore it will allow users to provide feedback from the plugin itself which will show up on the site.
I'll need some testers, please speak up and I'll get the files to you when they're ready.
Robert
-
wlangfor@uoguelph.ca - Posts: 912
- Joined: Tue Apr 03, 2018 5:50 pm
- Location: North Bay, Ontario, Canada
Re: Does any one have this pc Mac adress protection?
Instead of going through all the trouble of making the website, you should first share your "uncrackable" flowstone schematic, so we can find any faults with it
- adamszabo
- Posts: 667
- Joined: Sun Jul 11, 2010 7:21 am
Re: Does any one have this pc Mac adress protection?
adamszabo wrote:Instead of going through all the trouble of making the website, you should first share your "uncrackable" flowstone schematic, so we can find any faults with it
Well, I'm a programmer so frankly you should take My word on it.
I was making products like youtube and ajax in 2005 with a man named Tobias Teschner. I'm still up to speed so to speak.
But here's what you asked for:
here's a simple version I have working with php:
It doesn't yet have encoders, but uses base64. It could be a fallback because you could use character replace.
And here's the larger version which frankly has a better chance of beating any decoder.
I wrote some php to use as a bbcode renderer years back, I'd be using the same arrays and preg_r, ereg, perl expressions, regular expressions what have you.
Maybe I still have that somehwere.
-
wlangfor@uoguelph.ca - Posts: 912
- Joined: Tue Apr 03, 2018 5:50 pm
- Location: North Bay, Ontario, Canada
49 posts
• Page 2 of 5 • 1, 2, 3, 4, 5
Who is online
Users browsing this forum: Google [Bot] and 67 guests