
Comment by burnt-resistor

20 days ago

Maybe my reading comprehension can't grok it, but it appears defeatable by MFM reading and recreation like almost every other form of "special disk" modification. KryoFlux, Greaseweazle, Copy II PC Option Board, etc.

My understanding is that it worked by doing read/write on a known bad sector to verify that the physical defect is there. Replicating that on normal discs sounds hard.

  • The problem with all these protection schemes is somewhere in the code they could usually be bypassed by turning a JNE to an unconditional jump.

    So you had to add code to detect modifications which itself could be bypassed.

    • There are many ways to do it: JMP (absolute or relative), NOP if fall-through is acceptance, or less favorably: invert the JMPcc such that invalid input becomes valid.

      If I were a paranoid DOS-compatible publisher of expensive software, I would add layers of checks:

      - checksum the entire executable on disk, at different points

      - checksum the entire program resident in memory, at different points

      - use a serial number and activation verification system based on public key cryptography and hardware attributes, and spread those checks around critical functionality. Store the activation code in the end of the root directory as phantom deleted file entries.

      Ultimately though, does the increase in hassles and decrease in goodwill create more sales than it pushes away? I'd argue that intentionally no-DRM/no-cp software (GOG style) encourages brand goodwill and loyalty and there's even a nonzero conversion funnel from warez to paying customers. Cp is, thus, mostly an exercise in the practice of footgunnery by performative restrictions that do not deter technically-inclined persons. But like a sign that says "restroom for customers only", it doesn't add positive value. If they had instead spent more engineering time on the software and making the software priced for normal humans, they would have had more customers and more profits.
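The two comments above describe, in prose, the JNE-to-JMP patch and the checksum layers meant to catch it. Here is an added worked example (my code, not anything from the thread or from a real protection scheme) that does both against a constructed byte string standing in for a protected 16-bit DOS program. Assumptions, beyond what the comments say: the integrity layer is a plain CRC32 (the comment says only "checksum"), the image ends in four padding bytes that the checksum still covers, and the program bytes themselves are demo data, not a real executable. It also goes one step past the comments: because CRC32 is linear, four free bytes are enough to make the patched image match the stored checksum, so an unkeyed CRC is not the layer that stops a cracker.

```python
import zlib

# x86 opcode bytes for the short (rel8) jump forms discussed in the thread.
JNE_REL8, JE_REL8, JMP_REL8, NOP = 0x75, 0x74, 0xEB, 0x90
PAD = 4  # trailing bytes assumed to be padding that the checksum still covers

# Constructed stand-in for a protected program (demo data, not a real binary):
# a disk check, one JNE at offset 5 that skips the failure exit, then padding.
CHECK_SITE = 5
PROTECTED = bytes([
    0xE8, 0x00, 0x00,        # call disk_check   (rel16 placeholder target)
    0x85, 0xC0,              # test ax, ax
    0x75, 0x02,              # jne  +2           skip the exit if the check passed
    0xCD, 0x20,              # int  20h          fail path: terminate
    0xC3,                    # ret               success path continues here
    0x00, 0x00, 0x00, 0x00,  # padding / slack bytes (assumed)
])
EXPECTED_CRC = zlib.crc32(PROTECTED)  # what the publisher's on-disk check compares against


def patch_jcc(code: bytes, offset: int, mode: str) -> bytes:
    """Neutralise the JNE rel8 at `offset` in the three ways the thread lists."""
    if code[offset] != JNE_REL8:
        raise ValueError(f"no JNE rel8 at offset {offset:#x}")
    buf = bytearray(code)
    if mode == "jmp":        # always take the branch; the rel8 displacement is reused
        buf[offset] = JMP_REL8
    elif mode == "nop":      # never take it; execution falls through into the next instruction
        buf[offset:offset + 2] = bytes([NOP, NOP])
    elif mode == "invert":   # JNE -> JE: an invalid check result now passes, a valid one fails
        buf[offset] = JE_REL8
    else:
        raise ValueError(f"unknown mode {mode!r}")
    return bytes(buf)


def integrity_ok(code: bytes, expected: int) -> bool:
    """The 'checksum the executable' layer, modelled as a stored CRC32 comparison."""
    return zlib.crc32(code) == expected


def _crc_table() -> list[int]:
    """Standard reflected CRC32 table (polynomial 0xEDB88320), same as zlib's."""
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ (0xEDB88320 if c & 1 else 0)
        table.append(c)
    return table


_TABLE = _crc_table()
# The high byte of each table entry is unique, so it identifies the entry.
_INV_TOP = {t >> 24: n for n, t in enumerate(_TABLE)}
assert len(_INV_TOP) == 256


def forge_crc32_tail(prefix: bytes, target: int) -> bytes:
    """Return 4 bytes X such that zlib.crc32(prefix + X) == target.

    Walk backwards from the wanted CRC register to recover the four table
    indices the last four byte steps must use, then walk forwards choosing
    each byte so that (register ^ byte) & 0xFF hits that index.
    """
    reg = zlib.crc32(prefix) ^ 0xFFFFFFFF   # raw register after the prefix (undo final xor)
    cur = target ^ 0xFFFFFFFF               # raw register we need after the four bytes
    idx = []
    for _ in range(4):
        n = _INV_TOP[cur >> 24]             # only the top byte of `cur` is known, and that suffices
        idx.append(n)
        cur = ((cur ^ _TABLE[n]) << 8) & 0xFFFFFFFF  # high 24 bits of the previous register
    out = bytearray()
    for n in reversed(idx):
        out.append((reg ^ n) & 0xFF)
        reg = _TABLE[n] ^ (reg >> 8)       # zlib's per-byte update
    return bytes(out)


def crack(code: bytes, offset: int, mode: str, expected: int) -> bytes:
    """Patch the jump, then rewrite the padding so the stored CRC still matches."""
    patched = patch_jcc(code, offset, mode)
    body = patched[:-PAD]
    return body + forge_crc32_tail(body, expected)


if __name__ == "__main__":
    naive = patch_jcc(PROTECTED, CHECK_SITE, "jmp")
    print("naive JNE->JMP patch passes CRC check:", integrity_ok(naive, EXPECTED_CRC))
    fixed = crack(PROTECTED, CHECK_SITE, "jmp", EXPECTED_CRC)
    print("patch + forged padding passes CRC check:", integrity_ok(fixed, EXPECTED_CRC))
```

The same forgery applies to the "checksum the program in memory" layer whenever the image is loaded verbatim from disk. Replacing the CRC with a keyed MAC or a signed hash closes the forgery, but the comparison that consumes the result is itself a conditional jump, which is the point made in the thread: the check that detects modification is one more site to patch.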

    • >So you had to add code to detect modifications which itself could be bypassed.

      Right, which is why DRM schemes aren't typically implemented in a straightforward way. Instead license checks are added to critical program logic so you can't easily skip it, anti-tamper/debug is added to thwart runtime analysis, and on top of all of this the code is obfuscated to thwart analysis even further. You might eventually be able to figure it out, but it's designed to make it enough of a slog that nobody bothers to work through it all.