Our guest is Ivan Permyakov, CEO at VMProtect Software. The company produces VMProtect, a next generation software piracy protection solution that uses an embedded virtual machine to render code extremely difficult to analyze.
- Ivan, it is our pleasure to interview you. Could you please tell us a little about yourself, and your responsibilities at VMProtect Software?
Hi. I'm 35, I live in Yekaterinburg, married and have a daughter. For the last 10 years I've been putting almost all my energy into VMProtect development. Our VMProtect team is not huge, so I have to do everything: from managing to coding. But that's okay - I wouldn't want to be a full-time manager :)
- How did you get into the software industry? What did you start with?
I started with accounting software. In fact it was pretty good, it was a good experience for me, as I could see the need to protect a software product. VMProtect is the result of my first software protection development work. At that time it was very different than today's VMProtect. And it's hard to imagine it was distributed for free. :)
- So why did you choose code virtualization?
At that time software protection was no more than code encryption and decryption before or during execution. This approach required us to constantly combat not only hackers but new Windows versions where changes occurred from time to time. Virtualization is a completely algorithmic task with very minimal influence from the operating system. There are no issues with multi-threading, no barriers to protect drivers. In general, only advantages.
The fact that almost all our competitors have just started to implement something similar means we made the right choice 10 years ago.
- I think our readers would be interested to know about advantages of your protection solution, what makes it different from competitors?
As I mentioned, the main advantage is the fundamentally different approach to code protection. It allows us to support more file types: EXE, DLL-files, drivers. Both 32-bit and 64-bit code is supported, as well as all relevant Windows versions.
Its second advantage also comes from the code protection method. As a result of virtualization the "native" application code will never be in memory. In other words, VMProtect doesn't encrypt the code, it modifies it, turning one command into a few dozen other commands, in a different way each time, and mixing them up. It would be a "pleasure" to hack this code, which is why we're not welcome on the hacker's forums. They keep saying that a universal hacking tool is coming soon. It's been that way for years, maybe three already. So we're looking forward to its release :)
Talking seriously, though, these are just a few of our customers: NCSoft, CyberLink, Daemon Tools. Their products are used by millions, and they use VMProtect.
- In your opinion, what should software developers consider when choosing protection solution? Are there any common issues that they should pay attention to right away?
There are 3 possible problems with software protection:
- The software stops working after protection has been applied.
- Protection can be easily hacked.
- Anti-virus software alerts triggered by the protected file.
All other issues are nothing compared with these three. So what should be kept in mind when choosing a protection tool? Always download the demo-version and try to protect your software. Test its stability, upload it to virustotal.com and see the reaction of the top anti-virus tools. Usually they like demo-versions less, because they have the same code signatures, and show more loyalty to full versions. But for almost unknown protection systems, the antivirus check is very important.
When it comes to hackers, it's a good idea to dig for information on the hacker's forums like cracklab.ru or ask colleagues in the software industry who uses what solution, and how they fare with hacked versions. A final decision should be made after these three points are considered.
If you apply these criteria to VMProtect, you'll get the following picture:
- The protection doesn't make the software stop working - all growth issues are already solved. Moreover, the protection may even help you find errors in the product that haven't been found before.
- I've already said what hackers think about us.
- Regarding anti-virus tools... we cooperate with the main anti-virus companies. We see issues very rarely, and when we do, they are solved very fast. In addition, we are a member of the IEEE Anti-Malware Group that unites the main anti-virus companies. So you won't have any headache with us.
- As we know, VMProtect Software was founded in 2000. 11 years is an advanced age for a software company. What, in your opinion, helped you to become one of the leading companies in the software protection industry?
For sure the most important thing for us was our initial decision not to use the standard software protection methods. Our competitors are just now implementing what we did several years ago. But, of course, we're not standing still... we're always moving forward.
- And finally, what would you like to tell our subscribers?
I would like to wish all of you more sales and fewer problems. In any case, we can help you solve one of these for sure :)
- Ivan, thanks a lot for your time and for a very interesting interview!