Quote:
How would Party go about detecting it and how easy would it be for the developer to change the program name or process names in various updates?
If you simply change the name of the executable, then this will change the process name for you.
BUT, this is not the way Party will detect it and they will most likely dump the contents of the process using the ReadProcessMemory() function, then match a signature to it (basically the same way as a virus killer finds resident viruses).
If you want then you have a few options to avoid this (in order of complexity):
(1) Run ProcessGuard and protect the FreePHG process from being read by other processes.
(2) Edit the source code by moving the functions around, add some extra junk code to pad it out and recompile using different compiler options to what I have used.
(3) Read up on
Runtime-Polymorphic-Encryptors (as used in viruses), and add a simple Polymorphic XOR encryptor to the code. This will slow it down slightly as it will have to decrypt its code segments each cycle, but it will stop the ReadProcessMemory() + signature testing trick dead. Party will then require a fairly advanced heuristic to detect FreePHG (NOTE: This must be runtime polymorphic, therefore using something like "Yoda's Cryptor" [which is "loadtime polymorphic"] will not be much help...).
Atm it is not clear if they are against this mining technique, but if sometime in the future they do clamp down and decide to ban FPHG or data-mining in general (like Stars have for example), then I myself will
not be carrying on data-mining and will not be updating any banned code to do workarounds like I mentioned above. FPHG will always remain open-source, so if others decide to do write workarounds, then they can if they so wish...
Juk