The next product that I wrote was a simple command-line screen capture utility called ScreenKap. It was written in C. It used the same graphics library that I had purchased for WallShow and WallMake. ScreenKap existed in two forms; a console mode application and a Windows UI application. The UI application didn’t really have a user interface … it just didn’t bring up a dark console window while trying to capture the screen contents.
I experimented with some new forms of copy protection with this utility. I embedded a date into ScreenKap that would force it to stop working after that date. I had previously used dates that needed to be written to files based on the date of the first use and such. I thought this would be an easy way to ensure that no special “write” privileges were needed by the end user. I used to place an expire date of about thirty to forty-five days out or so. Remembering to update the software in a timely manner became kind of a chore. I wouldn’t recommend doing something like that unless you can automate the process.
I also experimented with encrypting all of the string literals in the code. I wrote string constants in kind of a meta language that was near the top of the C program in comments. It would have been something like this:
//def thanks "Thank you for using my software!" //def email "You may contact me at email@example.com" #include "vars.c"
I used an AWK preprocessor to scan through the ScreenKap file, looking for lines that began with //def. The output was then an encoded string in a file called vars.c which I would immediately #include into the main C program. It might’ve looked something like this:
char *thanks="---encrypted stuff here---"; char *email="--even more encrypted stuff here--";
Each time I needed to reference a literal, I would call a decode function that would decrypt the literal on the fly. I was just trying to make it difficult to alter the code’s literal strings. It worked well, but for some reason, this triggered false positives in a whole slew of Anti-Virus products. I don’t know if the encoded strings were standing out as unusual or if the AV software was attempting a heuristic approach to virus detection and couldn’t figure out why an honest software artisan would encrypt their string literals.
It wasn’t that important to me, so I changed the AWK script to generate lines of pure string literals:
char *thanks="Thank you for using my software!"; char *email="You may contact me at firstname.lastname@example.org";
I changed the decrypt function call so that it was basically a benign C macro. I submitted the update to all of the AV vendors and got a clean bill of health within an evening. I have to hand it to the AV companies. I don’t like having my software flagged as being suspicious, but their ticketing systems and remediation processes are pretty smooth and while they do take a little while, they are pretty painless.
I sold ScreenKap via RegSoft for a number of years. When RegSoft closed up shop, I moved it to FastSpring. I’ll talk just a bit more about FastSpring in the next post.
ScreenKap was not a killer application. In fact, I read an Internet post from a guy who was thoroughly disgusted that he needed to pay for command-line screen capture software, so he wrote his own. His take was that desktop software should be free … web software … now, that’s worth paying for. This was becoming a pervasive way of thinking thanks to tablet and smartphone app pricing. After retiring the software in my next post, I also took ScreenKap off the market.
I struggled with whether I needed to provide an open source version of ScreenKap, but I didn’t for a couple of reasons. One was that the source was dependent on a third-party library that I had licensed. The other reason was that I thought that one could probably build a better command-line screen capture utility in C#. I might give that a whirl, some time.