The argument that vendors don't make any effort to prevent disassembly means that they don't care about piracy is flawed; the costs associated with additional protection may just not be worth it.<p>Adobe, for example, used to go to great lengths to prevent people from cracking their software. In the end, though, a crack still came out within a few weeks. Was it really worth months of highly-paid-developer-time to slow down piracy for maybe a month at best? (Evidently not, since CS5 and above can be disabled by adding a line to your HOSTS file.)<p>Even as an individual who's sold software in the past, it's usually not worth it. I don't have the time myself, and commercial software which does this costs hundreds to thousands of dollars. I may not be happy if people pirate my software (I'm actually fine with it), but it's not worth the cost to prevent it.<p>That said, I found the article extremely interesting!
Coming from an open-source background, a perspective that considers being able to analyse how your program works as a "vulnerability" seems quite alien.<p>(And implying that software vendors who don't obfuscate their code shouldn't complain about piracy seems analogous to the old chestnut of blaming rape victims for dressing immodestly).
Not to knock on the author's article, but I've never seen a code encryption technique or assembler-level obfuscation that wasn't trivial to remove. If you're looking for protection technologies that perform well in the real world, look into Source Level obfuscation, Virtual Machines, and Antidebug tricks. If other people are interested I can post links.<p>Also interesting to see an article like this on the front page of HN...
the code still has to run. stuff like this is trivial to invert using a virtual machine that records what executed and also records modifications to code. you also suffer from the problem / weakness of having the decryptor for your code, in the code you give out.<p>now if you can avoid that (by applying some transform that allows the program to function but without having to carry its inverse) then ...