Providing secure software in today's existing distributed computing environment is a major problem for software development vendors. Experienced hackers can intercept the distribution or the installation of otherwise secure software and alter its performance in some way Alterations may include, by way of example only, the bypassing of automatic licensing checks, the insertion of malicious computer viruses, and others.
Software vendors have reacted by trying to prevent alterations in a variety of ways, such as distributing the software in executable format, encrypting installation dates which are checked by the software upon execution against an expiration date associated with a license agreement, password protecting the installation and/or execution of the software, and others. Yet, hackers have become extremely adept and are now capable of tracing the executable code to a particular point in the execution sequence and modifying return values located in the executable code which effectively bypass or alter many of the checks installed by the vendors. Furthermore, by altering the executable code to effectively bypass various required checks, hackers are able to bypass the validation of encrypted dates and any requisite passwords, thereby allowing unfettered execution of the software without being subject to any licensing limitations imposed by the software vendor. Moreover, once the software has been modified the hackers can create a permanent fix by patching the operating system or the executable code itself and then reinstalling the software on the operating system.
Further, some operating system vendors have attempted to install checks within the operating system itself to validate that software provided by the vendor is in fact secure. However, this has proved problematic since upgrades and new releases of software often require a user to get frequent patches and updates to the operating system from the vendor. This becomes frustrating to the user, and often if the user neglects to obtain the requisite patch and attempts to run new software, the new software cannot be validated, thereby creating potential security breaches in the operating system. Moreover, hackers have developed fixes which include modifying the software associated with the operating system itself to overcome these lower level checks instituted by the vendors.
Also, many of today's adept programmers have developed techniques to alter the operation of an executable, by modifying the image of the executable which is resident in the memory of the operating system. In this way, any checks being performed upon initiation, or even later, of the executable are bypassed altogether, since initiation has concluded once the image is fully resident in the operating system. This allows programmers to alter the image of the executable without detection. Yet, if the operating system is restarted, such as with a reboot operation or other operations, the original unaltered image of the executable will be fully restored and the programmer will again have to alter this image to achieve his/her desired result.
Of course, a hacker may actually create a separate piece of software which would modify the image of the executable code in memory such that any self-checking code is automatically disabled by the separate piece of software. In such a scenario, this would assist the hacker in defeating checks performed after the executable initially begins execution, or during any runtime checks which the executable may perform.
In today's distributed computing environment where access is in theory available to the entire world nearly instantaneously, a hacker's modification to a vendor's software may permit global unauthorized use of the vendor's software. This creates an incentive to not purchase a valid copy of the vendor's software and may substantially impact the overall viability of the vendor's product in the marketplace. Furthermore, as more and more unauthorized versions become available the likelihood of malicious modifications becomes more frequent which could impact the reputation of the vendor in the marketplace for all the vendor's products. Further, the vendor often finds itself expending unnecessary human resources in addressing problems associated with unauthorized modifications to its software, since support staff may be contacted by users of unauthorized versions of the software for assistance with problems. Accordingly, the ability to ensure software provided by a vendor is secure and reliable is of paramount importance in today's global access computing environment which is presently being fueled by the pervasiveness of the Internet and the World Wide Web (WWW).