How do hackers hack into programs to decompile and create pirated versions?
By reading and modifying the program code. Your computer must execute the code at some stage for the program to run and as such hackers can look at the code, copy the code and modify the code as they want.
I've heard of hex editing and altering the permission files until access is granted, but what I want to know is if there any way to over come these pesky threats?
There is no way at all.
Mostly they attach a debugger and make their changes using it. For example I can attach a debugger to Warcraft III and mess around with memory values, code etc. I could do the same for StarCraft II as well.
It is possible to detect modifications if the application is to be involved in online play. This is how hackers and cheaters are commonly detected so they can be banned, usually in waves so they are left guessing if they were really caught. The most basic level of this is to start another application in the background, a supervisor, which is responsible for checking the integrity of the game application itself and communicating this data to your servers in a way that is hard to fake. For example send hashes of currently loaded applications, their sizes, check that game code for running game application has hashes that match your official releases, send details of applications and libraries currently being used by the game application, perform some selfdefence by sending hashes of own code, loaded libraries, etc. If you can build up enough evidence that cheating is occurring, eg the presence of a commonly installed and used cheat application, then you can take action and ban the player from online services. If your game is online only and licences are not free this ban has a financial cost associated with it for the user so is not trivial. Be aware that data protection laws must apply when storing, processing and using the defence data you receive so there is some liability involved.
I've discovered that a hex edit can not be done if you constantly close and reopen your program on a new socket, which has worked when I tried hacking myself.
This makes no sense... Programs do not open on sockets. Programs launch an application. Hex editing the application program data always applies but probably cannot be done while the application is loaded. Like wise loaded applications can be modified via a debugger.
Ubisoft and EA have a form of permanently online protection which involves keeping the game program files incomplete. When playing and needing missing program data it gets requested from their servers. Obviously a licence must be registered with an actively logged in account on their servers for you to be able to receive the needed program code. Hackers have slowly built up libraries of the missing program code which can be served via a fake server, however these are often incomplete and need to be rebuilt every patch. The permanent online connectivity requirement causes major usability problems, especially since most of the world has access to really basic, sometimes limited and often unreliable internet.
I've gone further to insure my program can not be simply copied and pasted, it will not run and better yet it will delete it's self on first run if it is a copy. I've also encrypted all userdata, images and sound files used by the program to insure that even if my code is reworked the program will be unable to run all its components.
Sounds like you might be going into a usability nightmare... Program files often get copied around as part of file management. Additionally using the hash of the program itself to encrypt user data is neither safe or maintainable as program updates will wipe all user progress which is a major usability concern. It also is not safe as such encryption is very easy to break, like how people broke the security checksum on StarCraft II banks.
Yet still I can't shake the feeling that a hacker is going to get their hands on my code and laugh at how easy it is to crack
They will just open the executable or library with a debugger or disassembler and look at the code. Even if you encrypt your code with many of the prelaunch encryption methods available they can just wait until the application loads, attach a debugger to it (which interrupts its execution so cannot perform effective self defence) and then read the code as it is loaded into the virtual memory.
You are worrying too much. You can add some basic defence and protection methods, but do not go overboard and especially avoid doing anything invasive and potentially buggy or hard to maintain. People stealing your program code in this day and age is hardly a big concern as long as you keep the source code safe as ultimately the source code is needed to truly publish the program.
Licences, patents and copyrights aren't respected by all countries and authorities
That is a problem with the world. Just like the environment is not respected by all countries, or women rights are not respected by all countries or human rights are not respected by all countries. Ultimately a criminal could come up to you, place a loaded gun at your head and demand you give him the code no matter where you live in the world. Chances of it happening are very slim.
Which is why I need the code secret rather than just labelled as do not touch
In that case use the approach adopted by CAD software. The "trade secret" code used for simulations, modelling and publishing runs on their secure servers with the inputs to and outputs from the code being communicated through the internet. As long as the server is securely operated and physically secure then there is no way people can steal the secret code then as the only access they have to it is via inputs and getting outputs back from it. Just like speaking with a bank clerk at a bank, you can pass in stuff and they can pass out stuff but that is all the interaction you are allowed, with all the money, computers, documents etc being stored safely behind bullet resistant glass in an air tight room.
Not really suitable for real time applications though. However I believe Ubisoft and EA used such a method on top of the code request method above as it can be used for seldom run code which is logically difficult to compute.
Diablo III and World of Warcraft adopt this approach. The actual game state and mechanics is performed on a secure, Blizzard owned, server. The clients are only streamed the results. To this day no one has managed to accurately recreate either a Diablo III or World of Warcraft server, although some majorly flawed attempts have been made. This can work for all games that use state streaming multiplayer, however it does require significant server upkeep.