Hello all, A friend of mine cracked navision is such a way he used any license file(with expiry date) and now he can even do everything a solution developer can without problems and even removed the expiry date. I saw it myself and I thought it was quite a secure product that it can’t be done. He even changed stx and etx file without any problems. He even defaced the graphics and icons within the finsql.exe that i wouldn’t recognize it’s navision if he hadn’t told me. I told him that it’s dangerous to do that but he was in fact even planning to sell it across the internet. I want to discuss it with you to see your views regarding this.
A very bad idea… Microsoft protects its intellectual property with extreme vigour and will almost certainly take severe action against your friend. I would suggest that you do what you can to stop him and if he still carries on, I would put some distance between him and you… Rgds Mark
I told him that but he said he has fully reverse engineered it and that he can recreate the original source of finsql.exe and that he could call it his own. What do you think about it? I’m not really a legal expert.
Er… No he cannot. I think you will find that the base code is as much copyright owned as anything else. Furthermore, all good software contracts clearly say that reverse engineering is forbidden - Any attempt to do so is breach of contract & illegal. If your friend wants to go into business writing ERP solutions & RDMS packages & wants to stay out of jail, then I suggest that he writes his own from scratch - Like everyone else. If your friend makes the mistake of carrying on, I suggest you make yourself scarce.
Unless your friend has completely re-written the software, then under international copyright, the intellectual property remains in the hands of MS. On the grounds that he originally based his reverse engineering on the Navision product, MS would have every right to the intellectual property involved, regardless of the new appearance and any recreation of .exe files which he has managed. My advice remains the same… Regards Mark
Ask your friend to send a CV + Cover Letter + a document describing how he cracked Navision to Microsoft He might end up working in Redmond or in DK developing a harder to crack licence [;)]
He might end up breaking stones or washing laundry.
quote:
Originally posted by PaulBradbury
He might end up breaking stones or washing laundry.
Might be in Britain but not in the Philipines[8D]
I think reverse engineering and selling that product is not a very good idea. But if he’s that good and understands how Navision works and can communicate with it by for example API/DLL calls, please ask your friend if he can instead make usefull tools in the form of an add-on for navision. For example, let him create an add-on that can automatically export object-text files. I think there are a lot of people who would like to spend money on that [8D]. And i could think of many more shortcommings in Navision that he can solve … [:)] I think he can make alot of money the legal way …
We already had that topic some years ago … anybody remembers “Sven Gustavson” ? He offered a cracked version of Financials 2.XX and Navision was not amused at all. As far as i remember this guy was sitting in Belarus ??? So it seems they never did anything to fix the problem … the only thing they did was chasing that guy and trying to keep the problem quiet. Now what does that mean ? Somebody needs only a TCP/IP-connection to you database-server and this cracked client. Then all access is granted. And the problem is known fo a couple of years … I guess we should hope for more such guys selling cracked versions to force MBS to do something about their security-concept.
There is no such thing as software that can not be hacked. Have a search on “hack” on the internet and you’ll realize most software has been hacked. I believe it is impossible to 100% protect your software against reverse engineering. The only solution then is chase the hackers (crackers). I therefore think the Navision security-concept is doing quite well. When you have a TCP/Client you still need to bypass the firewall to connect to the DB and even a cracked version wouldn’t do that.
The 4.0 release is subject to a security push and will have tightened security. Since all programs can be reverse engineered given time, the flow of control can be changed which means things like bypassing security checks can be done with a rogue client - it is therefore necessary to do security checking on the server (which is a more secure environment - at least, if this is hacked there is little hope left). This is done in 4.0 for permission checking. A rogue client cannot get more permissions than the logged in user has - moreover a hacker must be an authenticated user on the server. Firewalls cannot do anything about a rogue client because it is about changing what the client sends to the server, or perhaps not calling the server at all. Firewalls cannot know if the client is making a valid call or not. The license file checking is always done in combination with the permissions; that is it does not give more access than the permissions but further resticts access. A rogue client that can bypass license permission checking does not (in 4.0) get unauthorised access, but does possibly get functionality not purchased in the license. This is not a security risk for the database but an abuse of the license file (like using someone elses).
Besides your friend being in danger of getting arrested, in the Netherlands you would be accessory because you know what he has done and did not go to the police. Therefore, you could be arrested also… [:D] Besides this, no serious selfrespecting firm will purchase a cracked version of navision. You can’t use it, because no solution center will support you (and you can’t risk asking them), and when you start developing using this licence your NSC will find out very soon. In other words, his whole action is pointles…
Your friend is a hero. Break the grasp that these withered old feeble men have. Break their grasp and then break their spirits.