>I'm personally not worried about the odd hacker making my program work, as
>long as he (or she) can't modify the object code to create a copyable
>unprotected version of the original program (which will then show up on a
>CD in China).  Is it really possible for someone to do this?

Yes. All the person has to do is mark down which things they've changed 
in the course of the krack. Then quit the app, make the same changes to 
the app's CODE resources with ResEdit, and boom - permanently 
de-protected app.

>For real protection, is there any way of being able to tell whether the
>user has sent your program to Macsbug and back?  Maybe by checking the
>trace bit of the system byte or the program counter values?

Not really. MacsBug takes good care to make sure that all registers look 
the same before and after invocation. I imagine you might be able to 
install an interrupt that would detect the command-power key and thus 
notice when the user is dropping into MacsBug. But this would be a 
nuisance to debug, might not even work, and would probably cause conflict 
problems as well. (And you could still get around it by digging with a 
static disassembler.)

The simple fact is this: Anything that runs can be traced and 
disassembled. Anything that can be traced can be patched. Thus the only 
way you can protect your program against a cracker is to wear out his 
patience - and given the sheer persistence some of these people exhibit, 
that's pretty hard to do.

-Mars