How to make sure that Application built is COPY/Piracy Proof

[Pioneer]

Hi,
I would be installing a desktop application on a standalone PC.
How do I make sure that owner should not be ableto copy that and/or
give it to other folks.
In short, how to build measures to avoid piracy?

User ID/Password is one of the ways. But that can anyway be shared.

Thansk for your inputs.
Regards,
Pioneer.

 

[Stefan Hoffmann]

hi,

I would be installing a desktop application on a standalone PC.
How do I make sure that owner should not be ableto copy that and/or
give it to other folks.

This is not possible.


mfG
--> stefan <--

 

[Pioneer]

hi,


This is not possible.

mfG
--> stefan <--

I was thinking on the lines of

-Generating an IP address for that PC and hardcoding that in the
application as a pre condition to run the code.
-Or may be linking the run of application to existance of any file
which would exist in that machine. This ofcourse would be unknown to
owner.
would it be possible?

 

[Stefan Hoffmann]

hi,

-Generating an IP address for that PC and hardcoding that in the
application as a pre condition to run the code.
-Or may be linking the run of application to existance of any file
which would exist in that machine. This ofcourse would be unknown to
owner.
would it be possible?

This is possible, but you can still copy your application and distribute
it...


mfG
--> stefan <--

 

[Pioneer]

What exactly do you mean by "generating" an IP address? PCs either have a
fixed IP address, or they acquire one from a DHCP server. Fixed IP addresses
can be changed through configuration, and an IP address acquired from a DCHP
server might be different every time...


And what if the owner accidentally deleted that file? Your app would stop
working... Or what if they got a new PC - that file wouldn't be on it, so
your app wouldn't work...

Hmm. Your points are valid. But the customer I am looking at is not
that pro in computers. And I am desparate to avoid piracy of my
application. Anyways, can I get a code snippet for IP check? Or how to
get IP of machine through code?

 

[Stefan Hoffmann]

hi,

Hmm. Your points are valid. But the customer I am looking at is not
that pro in computers. And I am desparate to avoid piracy of my
application. Anyways, can I get a code snippet for IP check? Or how to
get IP of machine through code?

Take the user SID and use a public-key encryption. Store the signed SID
in the registry.


mfG
--> stefan <--

 

[GArlington]

Hi,
I would be installing a desktop application on a standalone PC.
How do I make sure that owner should not be ableto copy that and/or
give it to other folks.
In short, how to build measures to avoid piracy?

User ID/Password is one of the ways. But that can anyway be shared.

Thansk for your inputs.
Regards,
Pioneer.

As most replies state you can NOT avoid piracy completely...
You can try to incorporate a "connect to web server each time the
program is started" feature, validate the licence on the server, check
if this licence WAS issued by you after payment (i.e. your own DB),
check if the same licence was used on a different machine in
completely different location (IP Geo locator) shortly before...
When you are doing all this checks you should consider that the person
who bought your software is entitled to:
1) uninstall it from one computer and install it on another at any
time
2) upgrade any OR all components in his/her computer at any time
3) move around the world WITH the computer where the software is
installed or take option 1) at any time
4) wipe his/her HDD and dispose of the computer where the software was
installed (with possible consequence of a third party discovering the
HDD and restoring the software)
there are many other things that he/she is entitled to do...

 

[Mythran]

Hi,
I would be installing a desktop application on a standalone PC.
How do I make sure that owner should not be ableto copy that and/or
give it to other folks.
In short, how to build measures to avoid piracy?

User ID/Password is one of the ways. But that can anyway be shared.

Thansk for your inputs.
Regards,
Pioneer.

Step 1: Make application.
Step 2: Design piracy-proof implementation and implement it.
Step 3: Patent it.
Step 4: Make billions selling licenses for usage of piracy-proof
implementation.

- or -

Step 1: Make application.
Step 2: Use existing implementations of piracy-resistant code.
Step 3: Deploy.
Step 4: Enjoy.


<shrug> Either way should work

As other threads have pointed out, there has not yet been a satisfying
design of "piracy-proofing". Once a "piracy-proof" implementation comes
out, it's cracked within a few hours/days....which then makes it
non-piracy-proof

Mythran

 

[Pioneer]

There are any number of strategies you can try to use to prevent copying  
of your program.

But.  As Stefan has already pointed out to you, making an application  
"piracy proof" is not possible.  If you deliver the code to a customer, 
there will _always_ be the theoretical possibility of them copying it.  
Whether a specific customer has the technical know-how to do that, is a  
separate question.  But it's not possible to guarantee that software  
delivered to a customer can't be copied.

It's hard for me to imagine someone who is literally "desperate to avoid  
piracy" of their software.  What makes you so desperate?  Do you havea  
loved family member being held hostage, and the only way to get them back 
is to keep your program from being pirated?  Or maybe there's a bus  
somewhere that has a bomb on it, and if your software is pirated, the bomb  
will be armed and the bus's cruise control locked at 50 mph?

The fact is, if your market is so small that you have a _specific_  
customer in mind who you suspect would copy your software, what you've got  
is a people problem, not a software problem.  That's a market so small  
that if someone is using your software in an unauthorized manner, it  
should be easy enough for you to know simply because they aren't buying a 
license you know they should be buying.  And you should deal with a  
situation like that by asserting your legal rights, rather than wasting  
time on copy protection that may not be effective.

Keep in mind also that copy protection that has the possibility of a  
failure mode in which it incorrectly detects the software as being pirated  
will generally _lead_ to illegal copying that otherwise would not have  
occurred.  Customers really don't like it when they pay good money for a  
product only to have that product refuse to work, and they start figuring 
out that a hacked version without the copy protection (i.e. a pirated  
version) is a better deal.  Even in a small market where a hacked version  
is less likely to be created, it can easily lead to lost sales.  And if 
you have only one customer, that can be _really_ bad for business.

These are just a handful of the strong arguments against wasting time on  
copy protection.

You need to ask yourself: "what is it about my business model that would  
lead my customer to pirate my software".  Then address _that_.  Trying to  
lock down the software itself is full of heartbreak and misery, and can  
only lead to disappointment.

Pete

Hey Pete, I got the point. But avoid using family hostage kinda stuff
in these professional groups. It doesnt look good.

 

[David Connet]

Hmm. Your points are valid. But the customer I am looking at is not
that pro in computers. And I am desparate to avoid piracy of my
application. Anyways, can I get a code snippet for IP check? Or how to
get IP of machine through code?

As Mark pointed out, you _really_ don't want to tie it to an IP address.
With DHCP, that _will_ change. A MAC address, on the other, is not as
likely to change. (Until the card is swapped out for a new one...)

Rather than trying to roll your own, I would look into prior work. (Good
copy protection is hard) Google is your friend... But remember, no copy
protection is unbreakable. It's a balance between pissing off your users
and protecting your work. (For instance, after reading about how the
protection on Spore works, I refuse to buy it...)

Dave