Your reviewer re-reviews security claims found in latest IonWorx IceLicense:
Ionworx uses PE Compact to protect itself:
Then Ionworx uses TurboPower LockBox for it's protection scheme:
Most of IceLicense can be easily reversed:
Most of the protections against debuggers, Anti-cracks are mostly useless because they do not work against latest versions of those debuggers, anti-cracks. In fact, those debuggers and anti-crackers are so much more advanced they skip all the anti-debug, anti-(whatever) that IonWorx uses to protect itself.
In the picture above, shows two concurrent statements, "_TForm1_IceLicense1TrialExpired" calling @Dialogs@MessageDlg$qqrx17System@AnsiString19Dialogs (which is ShowMessage in other words)
with data at word_47EAC0 being moved into it. What is data at word_47EAC0? It is shown below in the same picture:
'Your trial period has been expired, please register now!'
Now suppose your reviewer flips some bytes to disable this message box, it can easily be done:
Maybe after given an extended trial, I should register IceLicense later...
Most of ICE License algorithms can easily be reconstructed back to original source codes.
Claims and counter-claims
ICE License does not live upto it's promise as a robust copy-protection scheme. Most of the users who buy this get burned or switch to other copy-protection schemes.
It does not give any security towards copy-protection. The methods, algorithms how ICE License works are easily reversible. The claims may fool a beginner with no knowledge of copy protection, but it cannot fool experts.
Anti-Debugging mechanisms can easily be bypassed, using knowledge of assembly. The Key Generator uses TurboPower LockBox (MPL). The run-time source code encryption is also false because it uses simple XOR instead of virtualization, code regeneration found in higher end copy protection mechanisms.
The claim of secure strings is based on TurboPower Lockbox package, not the original package itself. You can use TurboPower LockBox to encrypt strings securely.
ICE License is not the first to prevent Illegal license exportation, there are many others which actually work, such as WinLicense, ExeCrypt.
NetWork protection does not protect more than >= 255 computers because it uses NetBios.
Conclusion
Your reviewer is not out to take revenge on IonWorx, instead, it is to inform that most of the advertiser's claim are misleading and against careful checks, they are false.
March 2013 update
See updated article at Ionworx Re-review, Ionworx icelicense reveiwed
See Article corrections
See related article: Ionworx SerialSheild Review
Ionworx uses PE Compact to protect itself:
Then Ionworx uses TurboPower LockBox for it's protection scheme:
Most of IceLicense can be easily reversed:
Most of the protections against debuggers, Anti-cracks are mostly useless because they do not work against latest versions of those debuggers, anti-cracks. In fact, those debuggers and anti-crackers are so much more advanced they skip all the anti-debug, anti-(whatever) that IonWorx uses to protect itself.
In the picture above, shows two concurrent statements, "_TForm1_IceLicense1TrialExpired" calling @Dialogs@MessageDlg$qqrx17System@AnsiString19Dialogs (which is ShowMessage in other words)
with data at word_47EAC0 being moved into it. What is data at word_47EAC0? It is shown below in the same picture:
'Your trial period has been expired, please register now!'
Now suppose your reviewer flips some bytes to disable this message box, it can easily be done:
Maybe after given an extended trial, I should register IceLicense later...
Most of ICE License algorithms can easily be reconstructed back to original source codes.
Claims and counter-claims
ICE License does not live upto it's promise as a robust copy-protection scheme. Most of the users who buy this get burned or switch to other copy-protection schemes.
It does not give any security towards copy-protection. The methods, algorithms how ICE License works are easily reversible. The claims may fool a beginner with no knowledge of copy protection, but it cannot fool experts.
Anti-Debugging mechanisms can easily be bypassed, using knowledge of assembly. The Key Generator uses TurboPower LockBox (MPL). The run-time source code encryption is also false because it uses simple XOR instead of virtualization, code regeneration found in higher end copy protection mechanisms.
The claim of secure strings is based on TurboPower Lockbox package, not the original package itself. You can use TurboPower LockBox to encrypt strings securely.
ICE License is not the first to prevent Illegal license exportation, there are many others which actually work, such as WinLicense, ExeCrypt.
NetWork protection does not protect more than >= 255 computers because it uses NetBios.
Conclusion
Your reviewer is not out to take revenge on IonWorx, instead, it is to inform that most of the advertiser's claim are misleading and against careful checks, they are false.
March 2013 update
See updated article at Ionworx Re-review, Ionworx icelicense reveiwed
See Article corrections
See related article: Ionworx SerialSheild Review
No comments:
Post a Comment