NTI DVD&CD MAKER serial key or number

This is a Continuation of U.S. application Ser. No. 15/,, filed Jul. 11, , which is a Continuation of U.S. application Ser. No. 14/,, filed on May 11, , which is a Continuation-in-Part of U.S. application Ser. No. 13/,, filed on Nov. 2, , which is a Continuation of U.S. application Ser. No. 12/,, filed Jul. 13, , now U.S. Pat. No. 8,,, issued on Nov. 20, , which claims the benefit of U.S. Provisional Patent Application Ser. No. 61/,, filed on Apr. 23, , the entire contents of each of which are hereby incorporated by reference.

Field of the Invention

The present invention relates to systems and methods for protection against the operation of malware commonly used in identify-theft and cyber-fraud. In particular, but not by way of limitation, the present invention relates to systems and methods for preventing key logger malware that utilizes form grabbing techniques to steal financial and identity information from users' browsers.

Description of the Background Art

Personal computers and business computers are widely infected with malicious software that intercepts and steals critical personal and financial information as it is being called by the user's browser. Almost all online commerce and activity originates from a user electing to open an internet browser to conduct business, either with his or her bank, brokerage, investment manager, or with numerous online stores.

Because of the massive growth in online commerce, and the requirement and use of credit cards and personal data to facilitate that market, sophisticated criminal hackers have targeted this line of commerce with ever-evolving malware. Much of the sophisticated malware is not being caught by commercial anti-virus solutions. Thus, unwitting consumers, believing they are protected, often enter the stream of online commerce not recognizing that malware can, and is, stealing their critical information. This sophisticated theft is taking place due in large part to the rise of what is called key logging malware. Key logging malware is created, often by sophisticated criminal online syndicates, to facilitate the capture of passwords, credit card data, and personal credentials, generally without the person's knowledge.

Key logging is a method of capturing keyboard input to a computer or computing device. It is a common technique for obtaining passwords and sensitive information using unauthorized software.

Software key loggers capture targeted personal data stored on the computers they infect. The software key loggers are utilized in conjunction with legitimate programs on the infected system. The malware relays the captured data to unauthorized recipients, who have planted the malware on the system by sending that data thru the internet using TCP/IP ports often used by common user applications. Software Key loggers utilize a number of techniques including hooking various operating system Application Programming Interfaces (APIs) and system drivers, screen capture, and form grabbing and hook based keystroke logging.

Another technique is hook-based key logging. Hook-based key loggers are programs that insert a system API hook into an API stack by modifying import tables, via insertion of inline hooks, or invoking SetWindowsHookEx( ). This is done by placing a call object into the API stack, acting as a filter. When a user on his or her browser calls a website, the data are filtered thru this malware call. This allows an attacker to record all the data being passed by the system driver to the API stack of a web browser. For example, one type of hook-based key logger will monitor and record each key press that generates an Interrupt Request (IRQ) to the system driver on the motherboard. The key logger, as part of the malware, saves this data as a text file. The text file is subsequently sent to a remote location for retrieval by malefactors.

Malefactors commonly deploy such malware key loggers via the internet to the computers of thousands of unsuspecting users. The volume of data generated by such hook-based key loggers is great, and can amount to many gigabytes of data within a short period. This mass of data is cumbersome to store and difficult to search for the purpose of extracting the very small percentage of data that represents data inputs of interest (e.g., credential and password information). As a result, malefactors have fine-tuned their malware to meet these challenges and better reduce the large take of useless data stolen by their malware.

Form-grabbing key loggers insert a hook that captures the form data, and only form data inputs. The form information being stolen is, essentially, those forms used for online banking and other online commerce that require users to enter personal information, card data, passwords, reminder questions, and mother's maiden names. This perfection of the malware allows more precise targeting of stolen credentials, and it greatly increases the odds that credentials stolen will be found and used. Previous methods often resulted in so much data being siphoned out by malware that credentials of interest to financial criminals and identity thieves were buried in the sea of stolen data. This is no longer the case with form-grabbing key loggers.

Form-grabbing key loggers have become a preferred type of key logger for sophisticated cyber criminals due to (1) their resistance to detection and lack of effective countermeasures, (2) their effect of substantially reducing the volume of captured data that must be searched to extract credentials, and (3) almost all credentials used for online transactions are entered at some point into a web form. Form-grabbing key loggers have become the first choice for cyber criminals when targeting bank login data.

Form grabbers sit in between the internet browser and the called internet page. This allows an inserted browser extension to inject or directly access the browser's API functions. This allows all data passed to the form to be recorded as it is passed by the browser. This method of action defeats all known anti-key loggers as they do not protect the web form or the browser window API's. As an example, when a user submits data to a legitimate banking website using web forms, a form-grabbing key logger that is monitoring the web browser can grab the submitted data by injecting a hook and hooking API functions within the browser.

Form grabbers deal with the browser and the data being passed over the internet. Hook-based key loggers record data as it is passed thru the API or system driver.

Form-grabbing key loggers also succeed in recording and stealing automatic form filler data as well as any data copied from another location such as data pasted from a clip board.

Software is available to detect and remove many types of malware. Attempts to combat all forms of key logger malware have not been successful. Moreover, consumers falsely rely on commercial anti-virus products that are often not updated with the latest version, and even when fully updated or patched, are ineffective to address the root problem of form-grabbing key loggers.

Software is available to address some elements of software key loggers. A number of methods are available to detect and/or disable hook-based key loggers. All known methods deal with accessing the API stack directly. Another approach is represented by the KeyScrambler® product from QFX Software Corporation (Ormand Beach, Fla.) which employs an encryption-based method. According to this method, keystroke data is encrypted at the source (keyboard) and passed to a form in a decrypted format. Another variation of this method is used in the GuardiD® product of StrikeForce Technologies Inc. of Edison, N.J. that utilizes similar API hooking and key-scrambling methods but does not protect the user if the malware is inserting itself as a hook-based key logger at the first instance in the stack. Moreover, this method does not effectively protect users against form grabber threats.

US / attempts to counter the action of key logger malware by creating a keyboard driver and hooking into various running windows processes. In particular, it creates a keystroke unhook or bypass method. A program engine hooks windows processes and performs a monitoring action in which it looks for hooked calls. When a hooked call is detected, it injects a program and launches new processes. This method creates a false entry state and a false exit state whereby the keystroke data is passed thru these states, i.e., bypassing a keystroke logger hook, by using a separate windows keyboard driver. This method may counter hook-based key loggers but is likely to cause system instability due to the fact it injects into running window processes, a technique which is known to cause memory corruption and system failures. Moreover, a simple modification by the authors of key logger malware would allow such malware to identify the anti-key logger driver file and hook this process instead, thus allowing the key logger to capture the users keystrokes as they pass through that process. This method does not protect against the action of hook-based key loggers that are programmed to insert themselves prior to the anti-key logger (“AKL”) itself hooking within the API stack, thus making it ineffective against the current generation of form grabbing key logger malware.

It is an object of an embodiment of the present invention to provide a solution to protect against key loggers that is not disruptive of the system and does not depend on user experience by, for example, asking the user to determine whether flagged processes or programs should be allowed to operate. The solution of the present invention does not depend on detection of malware at all. An embodiment of the present invention, instead, defeats the action of form-grabbing key loggers. An embodiment of the present invention can likewise defeat the action of hook-based key loggers that are capable of operating in the presence of scramblers.

It is the further object of this invention to provide a solution that is compatible with all common widely deployed browsers and without requiring a change of browsers by users.

Embodiments of the present invention relate to systems and methods for protection against the operation of malware commonly used in identify-theft and cyber-fraud. In particular, but not by way of limitation, embodiments of the present invention relate to an apparatus, systems, and methods for preventing key logger malware that utilizes form grabbing techniques to steal financial and identity information from users' browsers. Embodiments of the present invention also relate to an apparatus, system, and method to prevent hook-based keyloggers from stealing information.

An embodiment of the present invention acts proactively to take actions that stop keylogging malware from stealing information without requiring detection of the keylogging malware itself.

An embodiment of the present invention protects against malicious key logging software and stops it from capturing passwords and other data.

An embodiment of a method includes detecting a browser form submission initiation call event associated with data inputs entered by a user. Confidential data is prevented from being captured by the key logging malware. In one embodiment, this is performed without requiring detection of the key logging malware. In one embodiment, the detecting of a browser form submission initiation call event occurs at a most privileged access level. In one embodiment, an anti-key logger is installed at a most privileged access level for browser events.

Embodiments of the present invention include implementations in personal computers (PCs), computing devices, and portable devices, such as PDAs, a handheld computer, a tablet computer, a laptop computer, or a notebook computer.

is an overview of the environment in which embodiments of the invention operate, and the generalized location of other components in accordance with an embodiment of the present invention. At the keyboard driver level () input is provided by a user, the AKL () functions at this level to protect the inputted keyboard data. The virtual keyboard () may be the next step in the flow of inputted keyboard data, and is a common location for a key logger () to be present to intercept the inputted data. The operating system () receives the inputted keyboard data and passes the data to the application () being utilized by the user, which is a location where keyloggers () also intercept inputted keyboard data. Finally, the application passes the inputted keyboard data to the internet web server () per the user request.

In one embodiment, initially, software in accordance with the present invention installs itself at the most privileged access level (e.g., a zero-ring level) for all browser events within a stack. This ensures all instances of the web browser are protected. In one embodiment, the software in accordance with the present invention installs itself to the stack last, to ensure it is called first to prevent a keylogger from having a superior level of access. In one embodiment, the software in accordance with the present invention is placement aware and renegotiates its location in the API stack to ensure there are no other hooks that circumvent the protection at any time.

As illustrated in software in accordance with an embodiment of the invention inserts itself in the API stack last, causing this software to be called first (S). When a BeforeNavigate event is identified (S), the software confirms its placement in the API stack (S). When a form submission event occurs (S), the software identifies all forms on the called web page (S). If forms are present, the software connects to each form submission event (S), the invention clears all form inputs marked with INPUT or PASSWORD (S), and then the event handler clears all passwords (S). The software provides the user inputted data to the OnSubmit event in due course to the designated receiving party, such as a bank (S). The software also ensures all password forms fields are cleared from the API chain (S) and thus are unavailable to capture by form grabbing key loggers.

This embodiment of the invention affects the current BeforeNavigate event handler or the equivalent event handler in other types of browsers. The software then identifies all forms on the web page and in each form then clears the elements with the tag=“INPUT” and type=“PASSWORD” (S). The password in each form is cleared per event by the software (S).

As illustrated in , in one embodiment the software inserts itself in the API stack last, causing this software to be called first (). When a BeforeNavigate event is identified (), the software confirms its placement in the API stack (). The software identifies all forms on the called web page (). If forms are present, the software connects to each form submission event (), the invention clears all form inputs marked with INPUT or PASSWORD (), and then the event handler clears all passwords (). The software provides the input through the OnSubmit event (), and ensures all password forms fields are cleared ().

In summary, the following are the steps in the operation of an embodiment of the present invention:

• • Set a hook at the most privileged access level in the API stack
  • Detect any form submission event
  • Allow form data submission
  • Clear form data

An embodiment of a method for blocking form-grabbing attacks comprises the following: Upon detection of a form submission event from the browser, and immediately after allowing the data to be properly submitted, the form input fields are cleared of data. The result of this method is to prevent form-grabbing key loggers from capturing form input data and thereby to protect the user from theft of passwords or credentials.

There are two types of Windows Hooks: thread-specific hooks and system-wide hooks. A thread specific hook is associated only with a particular thread, including any thread owned by the calling process. To associate the anti-key logger hook with other processes and threads, the present invention employs a system-wide hook. Each hook is associated with a hook procedure. This procedure is always called when a particular event occurs. For example, when there is an event associated with the mouse, this hook procedure is called. In Windows®, the hook is set by calling the function SetWindowsHookEx( ). The hook is later removed by calling UnhookWindowsHookEx( ).

The invention protects itself at the most privileged access level by evoking SetWindowsHookEx(WH_KEYBOARD_LL, KeyboardProc, hlnst, 0) thereby initiating and maintaining the low global level system hook. By monitoring this state we can thereby protect and identify any hook attempts from ring 3. Any attempts to intercept the hook are then rejected and passed down the API chain.

Typical hook-based key loggers catch each character as it is pressed, while a form grabber connects to browser events and in the BeforeNavigate event, when password fields are already filled, searches the password box on page and retrieves its text, including the full credential set.

Embodiments of the present invention provide a system and method for managing malware. In one embodiment, a form-grabbing key logger inserts a hook Dynamic Link Library file into the system-wide hook chain, and all key messages are intercepted by the Hook DLL unless it is kicked off the chain by another program or deprived of receiving messages by its top hook DLL. In a preferred embodiment, the present invention includes an Anti-Key Logger (AKL) software program in the form of a browser helper object and a DLL file. In this embodiment, these two files act in concert, the effect of which is to act to prevent the action of the form-grabbing key logger thereby protecting data as it passes through its normal browser API route. The present system acts under the assumption that the user computer may already be compromised and that an undetected key logger may be in place. An embodiment of the present invention detects attempts to place hooks, by techniques such as modification of import tables or the insertion of inline hooks.

Another embodiment of the invention, as an alternative to the DLL and browser extension combination, is to embody the embodiment in a browser's source code. Another embodiment of the invention, as an alternative to the DLL and browser extension combination, is to embody the embodiment in a browser's source code.

As illustrated in , in one embodiment the initial hook placed by the present invention works within the 0-Ring level and the anti-form grabber code in the same instance (S). Step S illustrates a 0-Ring protection call being placed. Step S illustrates that in one embodiment if an unauthorized 0-ring call is detected in 0-ring, then the unauthorized call is deleted. In one embodiment, the invention hooks its protection around the kernel keyboard driver (S) where it intercepts keystroke interrupt requests and begins its encryption of the keystroke data (S) received from the keyboard (S). This data is then passed into the Ring 3 level, the Operating System (S) then onto the intended application, typically a web browser (S) whereby the keystrokes are decrypted by the Browser helper object (S) or other browser plug-in and presented to the web form for submission as normal via the Internet (S) to the designated receiving entity (S). Accordingly, the present invention prevents the action of driver-based software key loggers as well as form grabbing key loggers.

Referring to , the first API stack, titled Typical Web Browser API Stack, highlights the hardware driver () interacting with the web browser () as two objects in the API stack. The second API stack, labeled Web Browser API Stack with Keylogger, shows both the hardware driver () and the web browser (, with the keylogger () running between both objects in the API stack intercepting all keyboard input destined for the browser. The third API stack represents all the previous objects in the API stack, hardware driver (), keylogger (), and web browser (). Included in stack, in proper order, is the inclusion of the software which counters any keylogger in the stack.

Referring to , an embodiment of the invention, the software containing anti-key logger functionality () is distributed by a financial institution () to thousands or millions of its customers which have online access to their accounts through browsers based on individual PCs or other computing devices ().

In another embodiment of the invention, software containing anti-key logger functionality can be distributed by a financial institution to thousands or millions of its customers which have online access to their accounts. This software is downloaded to each individual accountholder PC upon initiation of an online access session with the financial institution. The anti-key logger software operating on each individual PC incorporates processes enabling it to communicate with a master server appliance or hierarchy of server appliances within the financial institution in order to allow tracking of accountholder PCs that have downloaded and installed this software. After installation, upon initiation of each subsequent online access session with the financial institution the software verifies its presence on the PC and identifies itself. In the case of an accountholder that initiates an online access session (account login) from a PC which does not have the AKL installed, the financial institution can choose to deny access or require a higher level of authentication. In addition, the financial institution may recommend to the user that his or her password be changed based on the greater exposure to theft of credentials during use of a browser running on a PC that is not protected by the AKL.

Another aspect of the embodiment that uses AKL functions distributed to multiple online accountholders from a central server is the addition of blacklist, whitelist, or both blacklists and whitelists to the AKL functions. Such signature lists can include known Phishing sites which target the financial institution's accountholders or, in the case of white lists, can include newly launched sites which are used to deliver services to the institution's customers. By focusing on blacklists of sites that target the host financial institution, as opposed to incorporating broad-based blacklists, the signature list updates can be provided in small size files which do not cause noticeable waits or otherwise degrade system performance. The addition of such lists complements the effectiveness of the AKL in preventing the ability for malware to comprise the credentials of an online user. Moreover, the server to PC communications processes, which verify the presence and identity of software in accordance with the present invention upon the initiation of each new online session, can be used as an occasion to update such signature lists. This creates the opportunity to update signature lists in a more timely fashion. A timelier updating of newly identified malicious sites is a significant benefit given that the window of operation for many Phishing sites is five to twenty four hours which is shorter than the update cycle of most commercial anti-virus and anti-spyware products.

In one embodiment, the software program further comprises a module for detecting malicious behaviors of a known malware, and a module for removing the malware.

is an example of a typical form used with a browser. Sensitive customer credentials and information are submitted through such forms to web sites of financial institutions in order to gain access to customer accounts. Such forms are also used to verify the identity of a customer and convey credit card or other payment data during an online purchase. Similar forms are used to gain access to web sites that may not involve financial accounts but which may contain confidential information including personally identifiable information, government records, health records, or other information that is private, proprietary or commercially sensitive.

illustrates the manner in which an embodiment of the invention functions to maintain its position in the API stack by illustration of its relation to kernel levelcalls. Ring 0 is the level with the most privileges and interacts most directly with the physical hardware such as the CPU and memory (). This is also known as the kernel level. Under an embodiment of the present invention, protection is inserted at this level () whereby the protection can determine if an unauthorized kernel level call is being made () at which time it is bounced from the API chain. If no attempt is detected the calls are passed to Ring 3 (Software level) () at which time calls are passed to the browser (). The browser handles requests including POST/GET commands and credentials are passed to the BeforeNavigate event () then on to the OnSubmit event () whereby user credentials are sent over the internet () to the intended receiving entity ().

Another embodiment includes a toolbar interface that allows the user to be aware of its operation. The use of such toolbars is well known in the art as these programs are commonly used to provide awareness of the operation of security monitoring functions. When a method according to the invention is incorporated into a software program containing blacklist-driven, heuristic-based, or other anti-phishing functionality, the users will be provided with graphic alerts when the browser is directed to web sites which are considered to be risky.

In one embodiment, the module for inserting and executing the predetermined software processes is dynamically installed in a computer, a mobile communication device or a mobile internet device which is different from the computer, the mobile communication device or the mobile internet device the user keyed in the data for the first time, and automatically uninstalled there from the module after the user logs off the different computer, mobile communication device or mobile internet device. In one embodiment, if a registered user tries to install the present invention from a different computer, the present invention will uninstall itself after operation in the different computer. The present invention may also be implemented be a part of an enterprise implementation with a master server.

The invention protects against at least the following threats:

• • Window title enumeration using FindWindow( )
  • BHO or Firefox Browser Extension hooks
  • LSP (Layered Service Provider)
  • DDE (Dynamic Data Exchange) using WWW_GetWindowinfo topic
  • OLE (Object Linking and Embedding) using IWebBrowser2
  • API Hooking (e.g. Wininet HttpSendRequest)
  • Windows Hooking (e.g. SetWindowsHookEx,WH_GETMESSAGE/WH_KEYBOARD)
  • Form grabber key loggers
  • Browser location (current URL) gatherers

While the foregoing description utilizes Internet Explorer® as an example, the invention is not limited to this browser but can be utilized with any internet browser, including but not limited to Firefox®, Safari® or Opera®. In one embodiment, the software modules or processes of the present invention can all be called in a single file object. In one embodiment, the present invention can be integrated into the browser itself. Alternatively, the present invention can be invoked/downloaded by an individual web page or website.

The software modules or processes of the present invention can all be called in a single file object. The present invention can be integrated into the browser itself. Alternatively, the present invention can be invoked/downloaded by an individual web page or website.

The present invention can be applied to existing or evolving software operating systems and development tools such as Javascript, Ajax, Flash and RIA, for cross platform use or mobile applications. Each platform has a different operating system therefore has different call structures and API methods. The invention can be applied to different OS's by manipulating different calls as they apply to the different OS and those related calls.

In an alternative embodiment, software embodying the invention can be packaged as a standalone component to allow the product to be delivered to the client in a manner requiring minimal interaction. For example, one embodiment would utilize the component object model (COM) developed by Microsoft for Windows platforms. Software based on ActiveX technology is prevalent in the form of Internet Explorer plug-ins and, more commonly, in ActiveX controls.

In yet another embodiment of the invention, a portable device contains an installable embodiment of the invention. In this form, the invention can be used by an accountholder of a financial institution when accessing his or her account via a browser on a public use or other PC that is not known to be protected by the invention. Examples of such PCs might be those available in airports, internet cafes, or hotel business centers.

A software program according to one embodiment of the invention is embedded in a microprocessor-readable storage medium and executable by a microprocessor to prevent software key logging. The software program comprises a module for inserting and executing predetermined software processes at the most privileged access level in an application programming interface (“API”) stack of a browser. The software processes includes a process of detecting a browser form submission initiation event at the most privileged access level; a process of intercepting data inputs keyed in by a user at the most privileged access level; and a process of (1) submitting the keyed-in data to a designated entity through the API stack while (2) clearing confidential data from intercepted data at the most privileged access level prior to a subsequent transmission, which does not contain the confidential data, in response to the software key logging through the API stack to an internet communication port.

The browser may be Internet Explorer, and the form submission initiation call event takes a form of an OnSubmit call or a BeforeNavigate call under Internet Explorer.

The predetermined software processes may be integrated into a single browser-called code object. The predetermined software processes maybe contained in a form of a non-executable file. The predetermined software processes may be integrated into the browser, and the browser may be Internet Explorer or other browser.

The module may be embodied in an ActiveX object to operate within the Windows operating system, or embodied in a browser extension file to operate within the Mozilla Firefox browser. Alternatively, the module is embodied in a platform-independent object-oriented programming language used for writing applets downloaded from internet, and the cross platform programming language is Java.

The module may be initiated and called by a web site or a web page, or the module is called locally in conjunction with a specific web site or a web page. Alternatively, the module is downloaded in response to a web page after determining that the module is not present therein.

The foregoing description portrays various embodiments of the present invention along with examples of how the present invention may be implemented. These examples and embodiments should not be considered the only possible embodiments or implementations of the present invention. Further embodiments of present invention may involve the operation of a portable or wireless device, including implementation of the invention or portions of the invention in software operating on such a device, or firmware embedded in such a device or transmitted to the device from a remote system.

Portions of the present invention may be applied to general purpose or a specialized digital device, computer system, server, computer or microprocessor programmed according to the teachings of the present disclosure, as will be apparent to those skilled in the art of communication, computer and e-commerce. The microprocessor can be embedded in a computer, a computing device, a portable device, a mobile communication device or a mobile internet device. The mobile communication device may be a cellular phone, a radio phone, a satellite phone, or a smartphone. The mobile internet device may be a PDA, a handheld computer, a tablet computer, a laptop computer, or a notebook computer.

Appropriate software coding can readily be prepared by skilled programmers based on the teachings of the present disclosure, as will be apparent to those skilled in the software art. The invention may also be implemented by the preparation of application specific integrated circuits or by interconnecting an appropriate network of conventional component circuits, as will be readily apparent to those skilled in the art.

The present invention includes a computer program product which is embedded in a storage/recording medium (media) having instructions stored thereon/in which can be used to control, or cause, a microprocessor or a computer to perform any of the processes of the present invention. The storage medium can include, but is not limited to, any type of disk including floppy disks, mini disks (MD's), optical discs, DVD, CD-ROMS, micro-drive, and magneto-optical disks, ROMs, RAMs, EPROMs, EEPROMs, DRAMs, VRAMs, flash memory devices (including flash cards, USP drivers), magnetic or optical cards, nanosystems (including molecular memory ICs), RAID devices, remote data storage/archive/warehousing, or any type of media or device suitable for storing instructions and/or data.

Stored on any one of the computer readable medium (media), the present invention includes software for controlling both the hardware of the general purpose/specialized computer or microprocessor, and for enabling the computer or microprocessor to interact with a human user or other mechanism utilizing the results of the present invention. Such software may include, but is not limited to, device drivers, operating systems, and user applications.

Ultimately, such computer readable media further includes software for performing the present invention, as described above. Included in the programming (software) of the general/specialized computer or microprocessor are software modules for implementing the teachings of the present invention.

Embodiments of the present invention include software, systems and methodology for protecting against malware key logger attacks that utilize, for example, form-grabbing techniques. The browser is protected from key logging malware attacks and the loss of critical user confidential information often entered into internet forms for the purpose of buying items or logging into financial institutions. An embodiment of a method for blocking form-grabbing attacks including the following steps. Upon detecting a form submission event from the browser, and immediately after allowing the data to be properly submitted, the form input fields are cleared of data. The method prevents hook-based key loggers or form-grabbing key loggers from capturing form input data, thereby protecting the user from theft of passwords or credentials.

In one embodiment, the process of intercepting also encrypts the data inputs keyed in by the user at the kernel level, and the module further includes a process of passing the encrypted data to a 3-ring level, and a process of decrypting data which passed via the 3-ring level.

A software program according to another embodiment of the invention is embedded in a microprocessor-readable storage medium and executable by a microprocessor to prevent software key logging. The software program comprises: a module for inserting and executing predetermined software processes at the most privileged access level in an application programming interface (“API”) stack of a browser. The software processes includes: a process of inserting an initial hook which works within the kernel level and prevents any other hooks from inserting at a superior level of access; a process of detecting a browser form submission initiation call event at the most privileged access level; a process of intercepting and encrypting data inputs keyed in by a user at the kernel level; a process of passing the encrypted data to a 3-ring level where a hook is inserted by a hook-based key logger; a process of decrypting data passed to the 3-ring level; and a process of submitting the decrypted data to a designated entity through the API stack to an internet communication port.

A method for preventing software key logging executable by a microprocessor according to yet another embodiment of the invention, comprises: a step of inserting and executing by the microprocessor a pre-determined software process at the most privileged access level in an application programming interface (“API”) stack of a browser. The software processes includes: a process of detecting a browser form submission initiation event at the most privileged access level; a process of intercepting data inputs keyed in by a user at the most privileged access level; and a process of (1) submitting the keyed-in data to a designated entity through the API stack while (2) clearing confidential data from intercepted data immediately after allowing the data to be properly submitted, in response to the software key logging through the API stack to an internet communication port.

In conclusion, the present invention provides, among other things, a system and method for protecting against form-grabbing and other key loggers. Those skilled in the art can readily recognize that numerous variations and substitutions may be made in the invention, its use and its configuration to achieve substantially the same results as achieved by the embodiments described herein. Accordingly, there is no intention to limit the invention to the disclosed exemplary forms. Many variations, modifications and alternative constructions fall within the scope and spirit of the disclosed invention as expressed in the embodiments.

Although the present invention has been fully described in connection with the preferred embodiment thereof with reference to the accompanying drawings, it is to be noted that various changes and modifications will be apparent to those skilled in the art. Such changes and modifications are to be understood as included within the scope of the present invention as defined by the appended claims, unless they depart therefrom.

Demonstration in support of "fildelning" (file sharing, including of warez), in Sweden in

Warez is a common computing and broader cultural term referring to pirated software (i.e. illegally copied, often after deactivation of anti-piracy measures) that is distributed via the Internet. Warez is used most commonly as a noun, a plural form of ware (short for computer software), and is intended to be pronounced like the word wares, /ˈwɛərz/. The circumvention of copy protection (cracking) is an essential step in generating warez, and based on this common mechanism, the software-focused definition has been extended to include other copyright-protected materials, including movies and games. The global array of warez groups has been referred to as "The Scene", deriving from its earlier description as "the warez scene". Distribution and trade of copyrighted works without payment of fees or royalties generally violates national and international copyright laws and agreements. The term warez covers supported as well as unsupported (abandonware) items, and legal prohibitions governing creation and distribution of warez cover both profit-driven and "enthusiast" generators and distributors of such items.

Terminology[edit]

Warez, and its leetspeak form W4r3z,^[1] are plural representations of the word "ware" (short for computer software),^[1][2] and are terms used to refer to "[p]irated software distributed over the Internet,"^[3] that is, "[s]oftware that has been illegally copied and made available"^[4][5] e.g., after having "protection codes de-activated".^[1] "Cracking, or circumventing copy protection, is an essential part of the warez process,"^[6] and via this commonality, the definition focused on computer software has been extended to include other forms of material under copyright protection, especially movies.^[6] As Aaron Schwabach notes, the term covers both supported and unsupported materials (the latter unsupported, termed abandonware), and legal recourses aimed at stemming the creation and distribution of warez are designed to cover both profit-driven and "enthusiast" practitioners.^[6] Hence, the term refers to copyrighted works that are distributed without fees or royalties and so traded in general violation of copyright law.^{[7][better&#;source&#;needed]}

The term warez, which is intended to be pronounced like the word "wares" (/ˈwɛərz/), was coined in the s;^[4] its origin is with an unknown member of an underground computing circle,^{[citation needed]} but has since become commonplace among Internet users and the mass media.^{[citation needed]} It is used most commonly as a noun:^[4] "My neighbour downloaded 10 gigabytes of warez yesterday"; but has also been used as a verb:^{[citation needed]} "The new Windows was warezed a month before the company officially released it".^{[This quote needs a citation]} The global collection of warez groups has been referred to as "The Warez Scene," or more ambiguously "The Scene."^[8]:p[9][5]

While the term 'piracy' is commonly used to describe a significant range of activities, most of which are unlawful, the relatively neutral meaning in this context is "mak[ing] use of or reproduc[ing] the work of another without authorization".^[10] Some groups (including the GNU project of the Free Software Foundation, FSF) object to the use of this and other words such as "theft" because they represent an attempt to create a particular impression in the reader:

Publishers often refer to prohibited copying as "piracy." In this way, they imply that illegal copying is ethically equivalent to attacking ships on the high seas, kidnapping and murdering the people on them.^[11]

The FSF advocates the use of terms like "prohibited copying" or "unauthorized copying", or "sharing information with your neighbor."^[11] Hence, the term "software pirate" is controversial; FSF derides its use, while many self-described pirates take pride in the term,^{[citation needed]} and some groups (e.g., Pirates with Attitudes) fully embrace it.^{[citation needed]}

Direct download [DDL] sites are web locations that index links to locations where files can be directly downloaded to the user's computer; many such sites link to free file hosting services, for the hosting of materials.^[12] DDL sites do not directly host the material and can avoid the fees that normally accompany large file hosting.

Motivations and arguments[edit]

The production and/or distribution of warez is illegal in most countries due to the protections provided in the TRIPS Agreement.^[13] Software infringers generally exploit the international nature of the copyright issue to avoid law enforcement in specific countries.^{[citation needed]} Violations are typically overlooked in poorer third world countries, and other countries with weak or non-existent protection for intellectual property.^[14] Additionally, some first world countries have loopholes in legislation that allow the warez to continue.^[15][16]

There is also a movement, exemplified by groups like The Pirate Party and scholars at The Mises Institute, that the very idea of intellectual property is an anathema to free society.^[17][18][19] This is in contrast to some of the more traditional open source advocates such as Lawrence Lessig, who advocate for middle ground between freedom and intellectual property.^[20]

Legality[edit]

Generally, there are four elements of criminal copyright infringement: the existence of a valid copyright, that copyright was infringed, the infringement was willful, and the infringement was either substantial, or for commercial gain (at levels often set by statute).^[21][22][23] Offering warez is generally understood to be a form of copyright infringement that is punishable as either a civil wrong or a crime.^{[21](p6)[6](p)}

Often sites hosting torrent files claim that they are not breaking any laws because they are not offering the actual data, rather only a link to other places or peers that contain the infringing material.^{[citation needed]} However, many prosecution cases and convictions argue to the contrary. For instance, Dimitri Mader, the French national who operates a movie distribution warez site, Wawa-Mania, was fined 20, € and sentenced, in absentia, to a year in jail by a European court (after fleeing France for the Philippines), for his role in managing the site.^[24] In the U.S., through , more than 80 individuals had been prosecuted and convicted for trade in warez products (under the NET Act and other statutes), for movie and software pirating in particular, with a number of individuals being imprisoned, including some enthusiast traders.^[6]:p[25]

However, laws and their application to warez activities may vary greatly from country to country;^{[citation needed]} for instance, while Wawa-Mania is under sanction in France, it remains in operation via a host in Moldova, and through use of an Ecuadorian top-level domain.^[24] Hence, while high-profile web hosts and domain providers^[who?] generally do not permit the hosting of warez, and delete sites found to be hosting them,^{[citation needed]} private endeavours and small commercial entities continue to allow the trade in warez to continue.^{[citation needed]} And, in some countries, and at some times, software "piracy" has been encouraged, and international and usual national legal protections ignored.^{[citation needed]} A dispute between Iran and United States over membership in WTO and subsequent U.S. block of Iran's attempts at full-membership has led Iran to encourage the copying of U.S. software; hence, there has been a subsequent surge in Iranian "warez" and "crackz" websites (as Iranian laws do not forbid hosting them inside Iran).^{[citation needed]} The same policy has been adopted by Antigua,^{[citation needed]} and others.^{[citation needed]}

Distribution[edit]

Warez are often distributed outside of The Scene (a collection of warez groups) by torrents (files including tracker info, piece size, uncompressed file size, comments, and vary in size from 1&#;k, to &#;k.) uploaded to a popular P2P website by an associate or friend of the cracker or cracking crew. An nfo or FILE standardservices.com.pk is often made to promote who created the release. It is then leeched (downloaded) by users of the tracker and spread to other sharing sites using P2P, or other sources such as newsgroups. From there, it can be downloaded by millions of users all over the world. Often, one release is duplicated, renamed, then re-uploaded to different sites so that eventually, it can become impossible to trace the original file. Another increasingly popular method of distributing Warez is via one-click hosting websites.^[26] In the early s, warez were often traded on cassette tapes with different groups and published on bulletin boards that had a warez section.

Rise of software infringement[edit]

Unauthorized copying has been an ongoing phenomenon that started when high quality, commercially produced software was released for sale. Whether the medium was cassette tape or floppy disk, cracking enthusiasts found a way to duplicate the software and spread it without the permission of the maker. Thriving bootlegging communities were built around the Apple II, Commodore 64, the Atari and Atari line, the ZX Spectrum, the Amiga, and the Atari ST, among other personal computers. Entire networks of BBSes sprang up to traffic illegal software from one user to the next. Machines like the Amiga and the Commodore 64 had an international network, through which software not available on one continent would eventually make its way to every region via bulletin board systems.

It was also quite common in the s to use physical floppy disks and the postal service for spreading software, in an activity known as mail trading. Prior to the sale of software that came on CD-ROM discs and after hard drives had become available, the software did not require the floppy disc to be in the drive when starting and using the program. So, a user could install it onto his/her computer and mail the disk to the next person, who could do the same. Particularly widespread in continental Europe, mail trading was even used by many of the leading cracker groups as their primary channel of interaction. Software copyright violation via mail trading was also the most common means for many computer hobbyists in the Eastern bloc countries to receive new Western software for their computers.

A screen shot of pftp logged into several ftp sites. This tool was used by couriers to quickly and easily move large amounts of software from one site to many others. Since couriering was competitive, using this tool was considered cheating.

Copy-protection schemes for the early systems were designed to defeat casual duplication attempts, as "crackers" would typically release a copied game to the "pirate" community the day they were earmarked for market.

A famous event in the history of software copyright policy was an open letter written by Bill Gates of Microsoft, dated February 3, , in which he argued that the quality of available software would increase if "software piracy" were less prevalent. However, until the early s, software copyright infringement was not yet considered a serious problem by most people. In , the Software Publishers Association began to battle against this phenomenon, with its promotional video "Don't Copy That Floppy". It and the Business Software Alliance have remained the most active anti-infringement organizations worldwide, although to compensate for extensive growth in recent years, they have gained the assistance of the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), as well as American Society of Composers, Authors, and Publishers (ASCAP) and Broadcast Music Incorporated (BMI).

Today most warez files are distributed to the public via bittorrent and One-click hosting sites. Some of the most popular software companies that are being targeted are Adobe, Microsoft, Nero, Apple, DreamWorks, and Autodesk, to name a few. To reduce the spread of illegal copying, some companies have hired people to release "fake" torrents (known as Torrent poisoning), which look real and are meant to be downloaded, but while downloading the individual does not realize that the company that owns the software has received his/her IP address. They will then contact his/her ISP, and further legal action may be taken by the company/ISP.^{[clarification needed]}

Causes that have accelerated its growth[edit]

Similar to televisions and telephones, computers have become a necessity to every person in the information age. As the use of computers increased, so had software and cyber crimes.

In the mids, the average Internet user was still on dial-up, with average speed ranging between and kbit/s. If one wished to download a piece of software, which could run about MB, the download time could be longer than one day, depending on network traffic, the Internet Service Provider, and the server. Around , broadband began to gain popularity due to its greatly increased network speeds. As "large-sized file transfer" problems became less severe, warez became more widespread and began to affect large software files like animations and movies.

In the past, files were distributed by point-to-point technology: with a central uploader distributing files to downloaders. With these systems, a large number of downloaders for a popular file uses an increasingly larger amount of bandwidth. If there are too many downloads, the server can become unavailable. The opposite is true for peer-to-peer networking; the more downloaders the faster the file distribution is. With swarming technology as implemented in file sharing systems like eDonkey or BitTorrent, downloaders help the uploader by picking up some of its uploading responsibilities. There are many sites with links to One-click hosting websites and other sites where one can upload files that contribute to the growing amount of warez.

Distribution via compromised FTP servers[edit]

Prior to the development of modern peer-to-peer sharing systems and home broadband service, sharing warez sometimes involved warez groups scanning the Internet for weakly secured computer systems with high-speed connections. These weakly secured systems would be compromised by exploiting the poor FTP security, creating a special directory on the server with an unassuming name to contain the illegal content.^[27][28]

A common mistake of early FTP administrators was to permit a directory named /incoming that allows full read and write access by external users, but the files themselves in /incoming were hidden; by creating a directory inside /incoming, this hidden directory would then allow normal file viewing.^{[citation needed]} Users of the compromised site would be directed to log in and go to a location such as /incoming/data/warez to find the warez content. Messages could be left for other warez users by uploading a plain text file with the message inside.^{[citation needed]}

Hackers would also use known software bugs to illicitly gain full administrative remote control over a computer, and install a hidden FTP service to host their wares.^{[citation needed]} This FTP service was usually running on an unusual port number, or with a non-anonymous login name like "login: warez / Password: warez" to help prevent discovery by legitimate users; information about this compromised system would then be distributed to a select group of people who were part of the warez scene.^{[citation needed]}

It was important for warez group members to regulate who had access to these compromised FTP servers, to keep the network bandwidth usage low.^{[citation needed]} A site that suddenly became very popular would be noticed by the real owners of the equipment, as their business systems became slow or low on disk space; investigation of system usage would then inevitably result in discovery and removal of the warez, and tightening of the site security.^{[citation needed]}

Automated warez distribution via IRC bots[edit]

As the ability to compromise and attain full remote control of business servers became more developed, the warez groups would hack a server and install an IRC bot on the compromised systems alongside the FTP service, or the IRC bot would provide file sharing directly by itself. This software would intelligently regulate access to the illicit data by using file queues to limit bandwidth usage, or by only running during off-hours overnight when the business owning the compromised hardware was closed for the day.^[27]

In order to advertise the existence of the compromised site, the IRC software would join public IRC warez channels as a bot and post into the channel with occasional status messages every few minutes, providing information about how many people are logged into the warez host, how many files are currently being downloaded, what the upload/download ratio is (to force users into contributing data of their own before they can download), which warez distributor is running the bot, and other status information.^[29]

This functionality still exists and can still be found on IRC warez channels, as an alternative to the modern and streamlined P2P distribution systems.^[30][31] The opportunity to find and compromise poorly secured systems on which to create an illicit warez distribution site has only increased with the popular use of broadband service by home users who may not fully understand the security implications of having their home computer always turned on and connected to the Internet^{[citation needed]}

Types[edit]

There is generally a distinction made between different sub-types of warez. The unusual spellings shown here were commonly used as directory names within a compromised server, to organize the files rather than having them all thrown together in a single random collection.

• Apps – Applications: Generally a retail version of a software package.
• Cracks – Cracked applications: A modified executable or more (usually one) and/or a library (usually one) or more and/or a patch designed to turn a trial version of a software package into the full version and/or bypass copy protections.
• Dox – Video game add-ons: These include nocds, cracks, trainers, cheat codes etc.
• EBook – E-books: These include unlicensed copies of Ebooks, scanned books, scanned comics, etc.
• Games – Games: This scene concentrates on both computer based games, and video game consoles, often released as ISO or other format disk image.
• Hacks – Simplified/Specific Hacking Tools: Programs designed to perform specific hacks at the click of a button, typically with a limited scope, such as AOHell and AOL4Free.^[32][33]
• Keygens – Keygen software are tools that replicate the registration/activation process of a genuine software product and generate the necessary keys to activate the software.
• Movies – Movies: Unauthorized copies of movies, can be released while still in theaters or from CDs/DVDs/Blu-ray prior to the actual retail date.
• MP3s – MP3 audio: Audio from albums, singles, or other sources usually obtained by ripping a CD or a radio broadcast and released in the compressed audio format MP3.
• MVids – Music videos – Can be ripped from TV, HDTV, DVDs or VCDs.
• NoCD, NoDVD, FixedExe – A file modification that allows an installed program to be run without inserting the CD or DVD into the drive.
• RIP – A game that doesn't have to be installed; any required registry entry can be included as a .reg file. RIP games can be ripped of music and/or video files, or, for video games, ROMs, thus decreasing the size of the download.^[34] RIPs with nothing ripped out sometimes are referred to as DP (direct play).
• Portables – Portable applications: Similar to RIPs, but in this case they're software applications instead of video games. The point of portable software is the fact that it can be placed on removable media (or any place on the local hard drive) and doesn't need installing; usually it is compressed into one executable file, by using software like VMware ThinApp or MoleBox.
• Scripts – Scripts: These include unlicensed copies of commercial scripts (such as vBulletin, Invision Power Board, etc.) coded by companies in PHP, ASP, and other languages.
• Subs – Subtitles: can be integrated in a TV-Rip or Movie.
• Serials – Refers to a collection of keys such as serial numbers made available for the purpose of activating trial software, without payment.
• Templates – Templates: These include leaked commercial website templates coded by companies.
• TV-Rips – Television programs: Television shows or movies, usually with commercials edited out. Commonly released within a few hours after airing. DVD Rips of television series fall under this sub-type.
• XXX – Pornography: These can be imagesets, paysite videos or retail movies.
• Zero-day or 0-day – Any copyrighted work that has been released the same day as the original product, or sometimes even before.^[35] It is considered a mark of skill among warez distro groups to crack and distribute a program on the same day as its commercial release.

Movie infringement[edit]

Moviecopyright infringement was looked upon as impossible by the major studios. When dial-up was common in early and mids, movies distributed on the Internet tended to be small. The technique that was usually used to make them small was to use compression software, thus lowering the video quality significantly. At that time, the largest copyright violation threat was software.

However, along with the rise in broadband internet connections beginning around , higher quality movies began to see widespread distribution – with the release of DeCSS, ISO images copied directly from the original DVDs were slowly becoming a feasible distribution method. Today, movie sharing has become so common that it has caused major concern amongst movie studios and their representative organizations. Because of this the MPAA is often running campaigns during movie trailers where it tries to discourage people from copying material without permission. Unlike the music industry, which has had online music stores available for several years, the movie industry moved to online distribution only in , after the launch of Amazon Unbox.

Because of this, cameras are sometimes forbidden in movie theaters.

File formats[edit]

A CD software release can contain up to &#;megabytes of data, which presented challenges when sending over the Internet, particularly in the late s when broadband was unavailable to most home consumers. These challenges apply to an even greater extent for a single-layer DVD release, which can contain up to &#;GB of data. The warez scene made it standard practice to split releases up into many separate pieces, called disks, using several file compression formats: (historical TAR, LZH, ACE, UHA, ARJ), ZIP, and most commonly RAR. The original purpose of these "disks" was so that each .rar file could fit on a single &#;MB 3½ inch floppy disk. With the growing size of games, this is no longer feasible, as hundreds of disks would need to be used. The average size of disks released by groups today are 50&#;megabytes or &#;megabytes, however it is common to find disks up to &#;megabytes.

This method has many advantages over sending a single large file:

• The two-layer compression could sometimes achieve almost a tenfold improvement over the original DVD/CD image. The overall file size is cut down and lessens the transfer time and bandwidth required.
• If there is a problem during the file transfer and data was corrupted, it is only necessary to resend the few corrupted RAR files instead of resending the entire large file.
• This method also allows the possibility of downloading separate ‘disks’ from different sources, as an early attempt at modern segmented downloading.
  • In the case of One-click hosting websites, downloading multiple files from one or several sources can significantly increase download speeds. This is because even if the source(s) provides slow download speeds on individual disks, downloading several disks simultaneously will allow the user to achieve much greater download rates.

Despite the fact that many modern ftp programs support segmented downloading, the compression via RAR, ZIP, and breaking up of files has not changed.

Releases of software titles often come in two forms. The full form is a full version of a game or application, generally released as CD or DVD-writable disk images (BIN or ISO files). A rip is a cut-down version of the title in which additions included on the legitimate DVD/CD (generally PDF manuals, help files, tutorials, and audio/video media) are omitted. In a game rip, generally all game video is removed, and the audio is compressed to MP3 or Vorbis, which must then be decoded to its original form before playing. These rips are very rare today, as most modern broadband connections can easily handle the full files, and the audio is usually already compressed by the original producer in some fashion.

Warez and malware[edit]

There is a common perception that warez sites represent high risk in terms of malware.^[36] In addition, there are several papers showing there is indeed correlation between warez/file sharing sites and malware. In particular, one study^[37] shows that out of all domains the study classified as pirate, % are infected (while out of random domains only % were infected); another study^[38] maintains that '"maliciousness" of the content for sites they classified as pirate (which specifically included warez sites) is the highest among all the researched site categories. Domains related to anti-copy protection tools are among the most malicious sites.^[39][40] Another study specifically targeted anti-copy protection tools such as cracks and key generators. They conclude that the majority of these programs aim to infect the user's computer with one or more types of malware. The chance of the end-user being exposed to malicious code when dealing with cracked applications or games is more than 50%.^[39]

These statistical data can be questionable though, because most prominent Antivirus software programs tend to classify KeyGens as viruses a priori, although most keygens do not infect the users' computers in any way.^{[citation needed]}

Infected warez directly from the warez scene on the other hand, is a very unusual occurrence. The malicious content is usually added at a later stage by third parties.^[41]

Demographics[edit]

Warez traders share many similarities to both hackers and crackers. Primary warez distribution groups include a single cracker that renders all copy protected technologies in a warez inoperable. Unlike the typical age of a hacker and cracker, the general age and demographics of a warez trader are older and married IT professionals. The need for attention is another similarity between the groups as well as believe that digital property should be free.^[42][43]

See also[edit]

References[edit]

The copy protection system is easy to use, and it provides reliable copyright protection.

Take a look at the most important features included in this program below:

• The software makes sure that the data from your DVD or CD cannot be copied onto another.
• It provides effective protection to leverage your business and increase your profits.
• It also includes a USB Flash Drive Copy Protection tool that offers one of the best USB security solutions that will help users have complete control over copy protection.
• The tool is updated to meet the changing needs of the market.
• This software protects the integrity of your digital content, and it also maintains compatibility.

Webtoolmaste software is a tool that includes lots of protection features to make sure that your data stays safe. You will get more anti-virus protection with the program, and this makes it a sort of an anti-virus complement.

Download Webtoolmaster from its official website.

3. DVD Copy Protect

DVD Copy Protect is a really useful program that allows you to protect your DVD media. This is done via the form of a copy protection app that enables users to have professional grade protection applied to their media files.

Check out the most important features that are packed in the DVD Copy Protect software:

• The program is quick and easy to install.
• It features a wide range of menu navigation options appropriate for all types of users.
• Both novice and professional users will benefit from the application.
• It allows you to also clone existing DVDs without any loss in video and sound quality.
• This software is intended to be used to protect your DVDs from being copied by pirates.
• No one will be able to use the data that is stored on your DVD without permission.

This program supports both PAL and NTSC DVD movie formats, and you will be able to use it will all form of DVD and CD burners. The entire DVD is able to be copy protected, and this includes language options, subtitles, special features, and all the menus as well.

Download the software from its official website.

4. ProtectBURN Video

Protect Software develops leading copy protection and also license control solutions for programs, videos and virtually any content since The company has been securing the valuable properties of its large and small clients as well.

With ProtectBURN Video you can copy protect your video DVDs against illegal copies and sharing, to increase your sales.

Just take a look at the program’s most useful features below:

• It is easy to apply and very efficient.
• The program is compatible with virtually all DVD-players.
• ProtectBURN Video protects against sector copies.
• You can create protected DVDs without authoring changes.
• You will be able to burn/write DVDs using most standard software and burners including robotics system/duplicators such as Epson, Primera or Rimage.

ProtectBURN Video is extremely easy to use, and you also have the ability to check out the free trial. This software is used by fours of the leading Hollywood studios, and ProtectBURN Video protects Oscar-nominated titles and screener distribution of pre-release movies, so you should definitely give this one a try as well.

PretectBURN Video can be downloaded from its official website.

5. CD/DVD Copy Protection by StarForce

Adding copy protection technologies to optical discs is the only active measure against piracy. StarForce provides a reliable disc protection solution that is invisible to end-users but also becomes an unbreakable barrier for potential hackers.

User experience is really important, and it’s great that the end user doesn’t know about the built-in StarForce protection as long as this user will use the disc in a legit way.

Anyway, here are the best features of this software:

• StarForce protects the files by specially encrypting them.
• There’s a key for decryption located on a DVD.
• The protected files can be opened only if the original disc with the key is inserted into the computer.
• The protection system matches the disc key entered by the user to the physical parameters of the protected disc.
• After the disc is activated, the protection system authenticates the disc automatically, and the user doesn’t need to do anything else.

The costs include a license for 12 months and a fee for DVD quantity. StarForce protection is based on binding to an optical disc which features unique characteristics that cannot be falsified.

The software is available to download from its official website.

Despite the widespread use of digital sales online, DVDs are still popular these days because a DVD is one of the cheapest ways to distribute electronic information in some regions where Internet has poor penetration for instance.

It’s also useful if you want to have a binding to the media instead of the user’s device. So, DVDs and CDs won’t go out of fashion too quickly.

On a DVD, you can record anything, any type of data but DVDs can also be bought anywhere, and it’s easy for anyone to copy info from one disc and spread it without the copyright holder’s knowledge.

That’s why copy protection software is so necessary these days. Check out all the five tools that we have detailed above, and pick the one that seems to fit your needs best.

Editor’s Note:This post was originally published in November and has been since completely revamped and updated for freshness, accuracy, and comprehensiveness.

RELATED STORIES TO CHECK OUT: