>>>>>>"...Files that are not encrypted and not shrinked, need not be handled by Molebox. Simple as that..."
>>>>>>
>>>>>>Makes sense and we'going that way too.
>>>>>>
>>>>>>Thanks Peter
>>>>>
>>>>>Just remember to be realistic - Molebox and other executable packers can be cracked literally within minutes by people who have the skills to do it. There are even tutorials out there that tell you how to do it. Molebox is a good packer plus virtual machine application which gives you protection against the majority but not from the medium to top crackers.
>>>>
>>>>Jos, do you have proof of 'tutorials out there' with regard to Molebox?
>>>
>>>All executable packers / protectors can be broken, Molebox, Thinstall, Armadillo, SVKP, Obsidian, PECompact, etc. I know someone who cracked my VFP Molebox protected app within minutes. Your protection comes from the skills and knowledge required to do it, not because the protection is invincible.
>>
>>Do you mind if I write a little app, molebox it, send it to you and ask you to have it cracked by that someone?
>
>I cannot ask this and in any case what would be the point? Do you think I'm making this stuff up? You can do your own reseach on the web Peter. The truth is out there.

What are the google words?

>I know you like Molebox and all that and I also like it but it is absolutely crackable. In fact, you should be aware that even on their own website Molebox admit that they include no "anti-debug, anti-dump, anti-trace" protections at all (which products like Thinstall do have by the way but at a high price). I wrapped a VFP app with a text document and a dbf file and within what effectively amounted to minutes some source code, text, and dbf data were dumped. Not everything but just enough to prove that it can be done. I have added my own anti-debugging techniques and this only served to increase a little bit the effort required.
>
>At the end of the day these apps must run in memory and as soon as that happens there are ways to patch around the protections, attach debuggers, memory dumpers, and numerous other attack techniques.
>
>The question here is not whether you can get 100% protection (you can't). The question is whether you can get enough protection to make the cracking job either not worth the effort or at least much more expensive to do. It's all about time.

If it only took some minutes...

>The other way to think about it is that a plain compiled VFP app with no "encryption" can be attacked by anyone who can load the exe using Notepad. Lets say this total universe of attackers is X. With a Molebox or Thinstall or Armadillo the universe of attackers has reduced to only those who know how to use tools like debuggers and tracers and understand how software runs at a very low level. This universe of attackers is now perhaps X/1000, for instance. So the protection these products provide is that (a) they require skills and time, and (b) these skills are not that common relatively speaking.
>
>Thats why I say one must be realistic. These products do provide protection and certainly enough protection from the average computer user. But they cannot be full proof.

It only takes one of those X/1000 crackers to produce a crack key or a cracked version, that requires no key at all, and spread that all over the world to the X crackers and to the 1000/X immoral users. A pessimistic's point of view is that the implication is that it's useless to produce trialware, as I've done. What could be the optimistic's point of view?