0

Here's the situation. I have created an application using nw.js, which is great because I like using html, css and javascript. However now I would like to sell this application. What I'd like to do is make a small wrapper application in objective-c that will verify the users serial number and provide some level of copy protection. In my mind I imagine having an application that would be in objective-c. That would start and verify the user, then if the user was legitimate it would unpack some essential files into the nw.js bundle and start that application.

Now the nw.js executable is already in an application package, what I'd like to do is nest that package inside the objective-c one and then run it at the appropriate time. Can anyone advise on whether this is possible and if not how else I could approach the problem to secure my application.

Thanks for any help.

JohnBo
  • 109
  • 3
  • 10
  • That's not awfully helpful. Besides no copy protection is unbeatable, it's more about making it less convenient to crack it then it is to buy. – JohnBo Feb 14 '17 at 21:41

3 Answers3

1

There's no problem with this, and nesting applications this way is pretty common on OS X (since you say ".app" I'm assuming this is OS X, and not iOS. This is impossible on iOS). I doubt it'll be particularly effective as a copy-protection mechanism, but that's a completely different question (see the links for several discussions on this topic).

To the question of "what would be highly effective?" unfortunately the answer is "if you have to ask on Stack Overflow, then nothing you do is likely to be highly effective; do something simple and move on." It doesn't mean you're a bad programmer or anything; it's just that copy protection is a game of obfuscation, and if you're using things you found on Stack Overflow, they're probably not that obfuscated. Anything you come up with over a week probably isn't that obfuscated. And if you do come up with something really good, you'll still need to keep updating it regularly every time it gets broken. Apple has a whole team devoted to this, and they control every part of the system including the hardware, and still there are jailbreaks.

Again, that doesn't mean you can't do anything. You can stop a few people, maybe, particularly if your app isn't that interesting. But don't waste too much time on it, because it's not going to be that effective. (If this really is important for your business plan, you should research commercial solutions. I have no recommendations there, but expect to spend some money, and to update to new versions as they're defeated.)

That said, nesting apps isn't hard.

Make the "sub-app" a dependency of your target.

Add a new "Copy Files" Phase to your build:

enter image description here

Set the destination to "Executables" and drag the app bundle here:

enter image description here

When you're to launch it, just find it using NSBundle.pathForResource:... and then launch it with an NSTask.

Community
  • 1
  • 1
Rob Napier
  • 286,113
  • 34
  • 456
  • 610
0

No, you cannot include another .app in an Objective C application!
Gotta create a native one from scratch.

ystack
  • 1,785
  • 12
  • 23
  • But why not? I've just done some experiments and I've been able to include the app package in an xcode project, just copying it into the application folder while it's building. So from there it should be just a matter of executing the application, surely. My nw.js project itself already contains three additional .app files that are required for the framework to work. But how do I execute it from a cocoa application, that's they question. – JohnBo Feb 16 '17 at 00:07
  • This just isn't correct. You absolutely can embed apps in other apps on OS X. It's done all the time. Look at /Applications/iTunes.app/Contents/MacOS/iTunesHelper.app for one of many examples. – Rob Napier Mar 06 '17 at 13:34
0

Actually i would recommend another approach. IF you want to have some level of copy protection you should use nwjc to compile parts of your code to binary. I will explain it to you.

  1. Structure your application that some parts of the application can be protected with nwjc. You do not need to protect everything. Just the parts that are hard to replicate. Keep in Mind that you get a 30% performance loss in with that code. Usually that is not recognizable but could be if you have large portions of code.

  2. Minify your code. I use the yuicompressor. It removes all comments from your code and minifies it. This way it will be very hard if not impossible for another person to read your code. It also improves the performance of your code.

You can add a application as a target in your objective-c project (I did it in my swift project) and make that install. But keep in mind. Once your application loads code into the nwjs application, the code signing is broken and another person can read that code again. As long as nwjs runs you cannot protect the code completely. Therefore you have to use nwjc and minify your js. You can also uglify your js to make it even more unreadable.

Another question that you have to ask yourself. Is my code really that special that no one can replicate it. If someone wants to steal something from you its mostly the innovation. They will make their own framework and write their own code. Good coders can replicate any code whether it is protected or not. They simply analyze the input and the output. So as long as you do not have any crazy mathematical algorithms I doubt that someone will want to steal it if they can replicate it. And even if you have complex code. Protecting parts with nwjc, minifying and uglyfing will make it impossible to read it. Sometimes we have problems reading our own code ;)

Silve2611
  • 2,198
  • 2
  • 34
  • 55