More copy protection...

[Vertion]

[stratum]

Looks promising.
I hate the fact that even for something like this users would expect a distinctive GUI. Am I the only one who thinks some plugins could be more user friendly if they simply had used standard GUI components?

Just curious, why have you chosen Gumroad but not Shareit for example?

[Vertion]

[Vertion]

Just another random copy protection idea for you all....

What about online MIDI to WAV (generator), and WAV to WAV (effects) conversion? This way the binaries never get into the machine in the first place.. rather there is a service you pay for.. and it can put watermarks onto the output wav file to pester the user... also.. this way quality can be as high as you want it to be.... and you can keep the secret recipe a secret? There would need to be a recognizable user interface that always looks the same.. where one uploads or drags the midi and/or wav file(s), and they are processed online... this can have any kind of payment structure.. x dollars per y.. I would give it a more marketable title.. but the idea could work... then it becomes a simply matter of access control per products and the rules you apply to them... the marketability could be on the quality and of course the scarcity (since no one else has the secret).. dedicated servers to punch out the heavy lifting... .. also you could run the midi through anything.. including REAL ANALOG SYNTHS and MODULAR SETUPS...all online at a keypress.. now I can render out a real moog sound from across the world.. and it sounds GREAT!! all fully automated of course..

[antto]

this is already going on, sadly
the code is hidden on a server, and the user never actually gets a copy of it
instead, the user sends his data, and eventually gets it processed

if this becomes the normal thing - it would be terrible
it's like:
"hey, imma build a bird house in the weekend.. i got chunks of wood, but i don't have tools"
the neighbour has tools, but you can't borrow em, you give your materials to him, as well as precise instructions, and hope that bastard doesn't mess it up

i've personally used such services already
there are a pile of on-line file converters that work exactly via that scheme
pictures, videos, even CAD format converters

while the algorithms for converting a picture into an icon of different sizes are no rocket science, when you need to do it quickly and you websearch for a tool - you get tons of results from all kinds of on-line solutions, and not an actual standalone tool
those websites probably earn from banners

[antto]

and this will never work for a big number of music related things
music, like lots of other arts uses feedback in many places
the "artist" sometimes tries something out to see/hear/feel how it's going to add up with the rest - and if the time between the decision to try something out to the time the feedback comes is longer than reasonable, or requires jumping to websites and whatnot - then i don't see that happening

[Vertion]

I could do this actually.. I have a Moog Sub 37 and a MicroBrute.. They are already jacked in.. as long as no one sends a super dense midi with a few million notes per minute (midi file must follow all requirements to be processed automatically).. and it is completely automatable..

However, now I am looking at this online thing as the starting point for this project, given the spread of Chrome and it's midi capabilities... as well as Opera..

I had no idea they got this far yet for online synths...
http://errozero.co.uk/acid-machine/

I just hooked up my midi controller and started rocking.. granted it was spotty.. but the idea is great

loaded this up in the other tab.. and rocked them in sync

http://patternsketch.com/

[Youlean]

What crackers are talking:

lol, r2r have released trucks full of apps... the best , the biggest, the most expensive, etc... they cracked everything, and released keygens for everything. and i guess when they must deal with 2048bit rsa stuff, cerfificates, etc, some huge genius-level skills must be required, i think about Sony, samsung,etc, engineers.

i wish i had 50 millions, and could ask R2R to code some instruments or plugins. i think they could create some fantastic stuff.

and because it's totally off topic, i think i've seen a zebra+bazillebeta + diva releases, these last days, but the pages on audiZ vanished so fast, that maybe only a couple of guys could see them.
are they a joke ? are these releases made by uhe team themselves, just to fool people into installing it and seeing some new 3d fireworks, after it bombs day-d...
because they claim they are the best devs ever, nobody can defeat their copy protections, with most teams not even cracking 3 or 4 security layers, among the +10 security layers, and their code and methods are so perfect, that they are going to license their code and techniques, so 100% of the apps made in the planet earth, until 2099, don't get cracked. Nasa, CIA, volkswagen, etc, are also interested, and will use uhe routines as soon as they are made available.

so, can someone say if these releases are jokes ? (no, this isn't "talking about warez in audiosex).

https://audiosex.pro/threads/team-r2rs- ... 933/page-2

[Kickflip]

Ok, so first up, thanks for all the great info in this thread!
There’s a bit I’m not so sure on. I have implemented a Whirlpool hash in both my website and my plugin, both based on the customer’s name and a key, and the website emails the key to the customer via a post-Paypal ipnprocess.php script. Pasting the hash into the plugin matches the hash generating within the plugin, so that’s all working great.

I’m just confused by this part

I recommend something like this:

Username : John Smith
Serial : XGHZ-HJKI-KJFT-JHPT

where

XGHZ-HJKI = Whirlpool(John Smith) & 0xFFFFFF

and

KJFT-JHPT = SHA512(XGHZ-HJKI) & 0xFFFFFF

So half the serial is based on a hash (Whirlpool) of the user name, the other half is based on the hash (SHA) of the first half. That's an example. You can use other combinations.

It may be a bit of a noob question, but what does the ‘& 0xFFFFFF’ mean? I can’t seem to apply that to the hash string (using C++), but think I’m probably missing a bit of fundamental knowledge...

[Urs]

Ok, so first up, thanks for all the great info in this thread!
There’s a bit I’m not so sure on. I have implemented a Whirlpool hash in both my website and my plugin, both based on the customer’s name and a key, and the website emails the key to the customer via a post-Paypal ipnprocess.php script. Pasting the hash into the plugin matches the hash generating within the plugin, so that’s all working great.

I’m just confused by this part

I recommend something like this:

Username : John Smith
Serial : XGHZ-HJKI-KJFT-JHPT

where

XGHZ-HJKI = Whirlpool(John Smith) & 0xFFFFFF

and

KJFT-JHPT = SHA512(XGHZ-HJKI) & 0xFFFFFF

So half the serial is based on a hash (Whirlpool) of the user name, the other half is based on the hash (SHA) of the first half. That's an example. You can use other combinations.

It may be a bit of a noob question, but what does the ‘& 0xFFFFFF’ mean? I can’t seem to apply that to the hash string (using C++), but think I’m probably missing a bit of fundamental knowledge...

‘& 0xFFFFFF’ is a plain binary operation... something to truncate the 512 bit hash to just a few bytes so that we can encode them with, say, BASE64 to create an 8-letter serial part. Otherwise encoding 512 bytes in ASCII will yield a pretty long serial number.

[aciddose]

Kickflap; Remember there are 26 main English (no additional marks) characters, so if you use US-ASCII upper + lower case you get 52 + 0 to 9 = 62, then we just need two additional characters for 6-bit encodings like + and -.

So one possible 6-bit US-ASCII alphabet is: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+-0123456789

Eight characters would give 6 * 8 = 48 bits, while 0xFFFFFF = 4 * 6 = 24 bits.

It's best to generally use as efficient a packing as possible so I'd recommend US-ASCII with 6 bits but not 7 bits because you end up with odd bits and need to pad with zeros which opens up various attacks on encryption due to the "this bit is always padded zero".

5-bit is also possible with {A - Z} + {0 - 5} but this is also generally an odd number of bits. In 5-bit pairs you get 10, but you're still left with trailing bits when packing into a usual word length like 8 (-2), 16 (4), 24 (4), 32 (2), 48 (8), 56 (6) or 64 (4). With 5-bit pairs 10*4 = 8*5 (40) which is entirely possible of course.

It all depends upon exactly which data you're packing and how you can manage to line things up into neat words as needed. So you have to take into account which encodings, hashes, packings and encryptions are used all together.

[Kickflip]

Thanks for the replies! The truncation makes sense, but not certain on the implementation.

I put this in as a test:

Code: Select all

      char trunc[10];
      snprintf(trunc, 10, output.c_str());

But that extra info about the 6 bit alphabet shows that I’ve got the wrong idea there.

So I’ve tried this, but getting invalid operation errors.

Code: Select all

      char trunc[10];
      snprintf(trunc, 10, output.c_str() & 0xFFFFFF);

Was also wondering would it be an appropriate follow on from the example to have something like:

XGHZ-HJKI = Whirlpool(John Smith) & 0xFFFFFF

and

KJFT = SHA512(XGHZ-HJKI) & 0x0000FF
JHPT = SHA512(HJKI Smith) & 0x0000FF


Also…

Kickflap;

That’s Kickflip with an I
I’ve had a worse typo though. Of course that had to be the one that ended up on a festival line up on the back of a magazine, ffs

[aciddose]

Well if we start from a 5-bit alphabet you're converting a number 0 to 31 into a character.

So it's like so:
https://pastebin.com/nDVDbihB

FABULOUS!!! ... no wait ...
fabulous_data = deadbeeffeedf00d
Fabulalphabet = ABCDEFGHIJKLMNOPQRSTUVWXYZ012345
output_words = 13
output_string = "NA21O5534NL3N"

Not 100% certain but this is better than my initial post which was totally untested.



Also this:
https://www.youtube.com/watch?v=GSxzke1RS9s

[Kickflip]

Cool, thanks. This area's completely new to me but I'll experiment.

[aciddose]

Although I wrote my own function to read/write bits I highly recommend you use existing tools like stl/boost to do this instead. I just prefer all-in-one code that doesn't have complicated external dependencies. (Including boost functions in an example like this is insane, nobody will be able to just compile the example.)

Unfortunately after I edited the post about 9 times it turned out I would have been better off to just write it correctly from the start, but at least you have an example of working code to start from now.

Such functions (read_bits, write_bits) are extremely useful in a wide variety of areas and are much like strcpy or similar functions in that sense, although they're lesser known.