Application Registration

  • Thread starter Thread starter John Smith
  • Start date Start date
J

John Smith

I have nearly finished a new application and we want to protect our
investment.

We have purchased the commercial Dotfuscator and have learnt how to use it.

What is the best way to implement product registration? Is there an example
around?

I have read that some people are using the HD Volume number as a key to
ensure each installation is unique. Is this a good idea?

We want registration to be such that the software generates a key (unknown
to the user) and together with the serial number entered is used by our
server to provide a license key.

I would appreciate pointers on a satisfactory solution.

Thank you
 
John Smith said:
I have nearly finished a new application and we want to protect our
investment.

We have purchased the commercial Dotfuscator and have learnt how to use it.

What is the best way to implement product registration? Is there an example
around?
Click to expand...

It depends on how much protection your user is willing to stand.

If your product is pricey enough and if your users will go for it then
hardware is in order. I think that these guys are the biggest name in that
area

http://www.e-aladin.com

Otherwise sometimes the protection is implemented using long keys which are
"very hard" to guess. When the user registers, the key and a "fingerprint"
of his system are sent to the publisher's server. The server records the key
and makes sure it is not already used and then sends back some magic cookie
derived from the key (and perhaps the fingerprint too) which enables the
software. If the key has been used then you have the nasty problem of trying
to determine whether the user just updated his hardware or if the key is
compromised or if you are dealing with a pirate.

Frankly, I'd advise against rolling your own unless you "do security". It is
a fulltime job, you know when you do it. :-)

I'd google for "software protection" to find products and then for each you
find google its name and "cracks" or "crackz" to see what you are up
against.

Regards,
Will
 
William DePalo said:
[...]
Frankly, I'd advise against rolling your own unless you "do security". It is
a fulltime job, you know when you do it. :-)
Click to expand...

OTOH, beeing a full-time cracker such
commercial systems are highly attractive,
since once you have cracked one of those
you have a whole lot of applications you
can use for free.
[...]
Will
Click to expand...


Schobi

--
(e-mail address removed) is never read
I'm Schobi at suespammers dot org

"Sometimes compilers are so much more reasonable than people."
Scott Meyers
 
Hendrik Schober said:
OTOH, beeing a full-time cracker such
commercial systems are highly attractive,
since once you have cracked one of those
you have a whole lot of applications you
can use for free.
Click to expand...

Well, in some places that makes the practitioner a full-time criminal (felon
here). That's hardly something to boast about.

And it's another reason to favor the hardware. I'm no lawyer but as I
understand it, even in many places in Europe where such software attacks are
not illegal, tampering with a hardware device can get one into trouble given
an appropriate license agreement yada, yada, yada.

Regards,
Will
 
William DePalo said:
Hendrik Schober said:
OTOH, beeing a full-time cracker such
commercial systems are highly attractive,
since once you have cracked one of those
you have a whole lot of applications you
can use for free.
Click to expand...

Well, in some places that makes the practitioner a full-time criminal (felon
here). That's hardly something to boast about.

And it's another reason to favor the hardware. [...]
Click to expand...

Oh, I didn'T think I was talking about
hardware!
Regards,
Will
Click to expand...


Schobi

--
(e-mail address removed) is never read
I'm Schobi at suespammers dot org

"Sometimes compilers are so much more reasonable than people."
Scott Meyers
 
Back
Top