Lone Wolf Development Forums - View Single Post

Villadelfia · October 9th, 2015, 10:21 AM

Quote:

Originally Posted by Togainu

Kind of think you are missing the point I was making. No matter how secure you implement it you are adding another point of entry for attacks. Making the program as a whole more vulnerable by default.

This is true, but it's not as if the current security is flawless, in fact it is quite flawed but I respect lone wolf development and will not release my research on that subject. Suffice it to say that small scale piracy is easy, and would not even require any cracking. Large scale piracy on the other hand would require some cracking, but there are some critical flaws in how a license is validated.

If anyone on the dev team is reading this: I'm working on a PoC for both methods and will mail you when they're complete so that you may fix them.

Quote:

Originally Posted by Togainu

Secondly not everyone plays in areas that have access to internet. Meaning they won't be able to start up the program. Course then you can choose to not allow save options. But that means you need to start making notes outside of Hero Lab and enter them at a later point (if you remember and didn't loose your notes which are very realistic scenarios (which is actually how it currently works meaning the connection solution only solves the issue for some users)).

I think we miscommunicated somewhere, I did not intend my proposal to require a constant internet connection. What I'm intending is this: if the license is valid, hero lab would work exactly as it does now.

However, once it detects a license invalidation, it will phone home and start a week long "trial mode" and require an internet connection from that point until the license becomes valid again.

I can see how this won't work for people that play without internet connection, but for the rest it would provide a nice way to avoid a ruined gaming evening.

As for abuse, this system would obviously invalidate the license for use on any system ID when it gets flagged, this would mean that the original user can no longer update until he contacts lone wolf, and the person he shared it with can only use it once, for one week. Continued abuse would quickly become apparent.