Here's a brief list of things (NOT) to do when picking a vendor for copy protection software:
- Make sure from their website they have no phone number, physical address, or any way to contact them except through a form. Hey, it's a virtual world! Who needs offices and employees and phones? C'mon! What you want, when it's hard on the deadline and the tool isn't working, is a vendor with a webform on the "contact us" page. The mystery of wondering if you'll ever hear back from them, or even what time zone they're located in, will keep life interesting for you.
- Don't sweat the details. If they tell you their solution can't be cracked, why question it? The specifics of exactly HOW they keep 12 year old nerds with bad complexions in Belarus from cracking their "protection" in exactly 6 minutes are irrelevant, aren't they?
- Make sure that the application has to "phone home" every time it starts. This will delight any users who want to run it without an Internet connection. Or when the server crashes. When, not if.
- Ensure that the entire protection scheme decomposes into a challenge-response test. That will make it super-easy to crack.
- Just ignore the problem. After all, anything you do will just get cracked, right?