Is there a way to get some sort of unique identifier for an outlook installation?
I’ll explain more.
I’m looking at developing a outlook ribbon add-on (and owa addon with the VSTO) where you can run actions based on specific types of messages coming in. The actions would be API calls to a backend service.
I need a way to uniquely identify an outlook installation. Not just the userid or mailboxid because users can roam around. Likewise IP address is DHCP so that’s no good either.
Any ideas?
During installation, like Slava suggested, or at very first Outlook run with your add-in installed you may generate the required ID, for example, using the following code:
Guid.NewGuid()
See the Guid structure for more information. A GUID is a 128-bit integer (16 bytes) that can be used across all computers and networks wherever a unique identifier is required. Such an identifier has a very low probability of being duplicated.
Related
I am trying to develop an application on class attendance using fingerprint. Through rigorous research, I found out that I can use 'flexcodesdk' for my Vb.net program.
But the issue is that for every fingerprint scanner (Digitalpersona) there is needed to register it on flexcodesdk site to get series of API keys. What am I going to do about this issue because once I change the fingerprint scanner of similar product, it will complain of registration invalid.
Many developer develop applications an any body can use different scanner regardless of the serial number.
Help me out gurus in the house.
It appears that their FAQ states that each license is tied to a specific device.
How many devices that can be used in one FlexCode SDK license ?
Only the device that you submitted the registration number.
This means that each new device needs to be registered into their system in order to provide you with a new license for their SDK.
This seems quite a restricting model.
Perhaps you might want to consider the free and open source c# implementation at https://www.codeproject.com/Articles/97590/A-Framework-in-C-for-Fingerprint-Verification
I have successfully created multiple applications using this framework.
We intend to sell our framework on the net ,and it needs to be protected in a matter than if someone buying it, he can't put it on the net, or give it to other developers .
We dont want to find it all over the net after a few months.
I had a few ways in mind but each had its catch .
Give a unique ID to every developer, and program that id to the framework, so he must enter that to use it. problem is ,that he can give the framework with the id to anyone .
Ask for the device number and enable only that device in my framework for each developer. problem here is that when he put it on store, all users cant use that since they have others device id.
Use the net to check some how(??) which i preferred not to limit the users to that need.
I can program each framework with a code, that only me can extract, so when i find it on the net i can be sure what dev put it in there (it doesn't help-i cant sue everyone)
Is there any other way to make the framework per developer but also let it work on all other users at the appstore when its there ?
Thanks .
#diederikh makes very good points, and NicolasMiari also provides good insight. The best answer IMO is a combination of these two. (While keeping in mind diederikh's excellent advice that your goal is to come up with something simple that will make things hard on legitimate customers.)
Rather than recompiling your entire framework for every customer, you make your license key depend on their bundle identifier. They send you their bundle ID. You use your private key and sign their bundle id. This provides you a hash that you send to them. Now, at runtime, your framework uses the public key (which is not sensitive; you could publish it anywhere) to verify your signature. See SecKeyRawVerify() for doing that on iOS.
You can use this approach to create time-limited keys. Just include time stamps in the signed data.
Using this approach, you could, if you wanted, let customers test your framework indefinitely by using your bundle identifier. You would make a signed hash of that identifier available to trial customers. But as soon as they want to upload to AppStore, they would have to change the identifier and pay you for a new signed key.
There certainly is a way to get around this. Attackers could modify your framework to ignore the signature verification. But that's always true, and preventing that is better done with lawyers after the fact than with DRM that will only likely cause trouble for paying customers.
Look at how PSPDFKit does it. If you want to use it out of demo mode you'll have to call a method with an unique ID. This ID will enable functionality which is not available in demo mode.
You can also sign (with the codesign tool) the framework with an unique certificate for each customer.
I would not worry too much; if will always find a way around your locks.
The task I am looking at is to automate the process of creating new users on a Lync 2010 server. Looking at the Lync Server SDK, this only allows creating new phone calls and sending IM. I'm looking for an interface to automate administrative task.
What I don't want to do in first place is to parse the web interface. Does anyone know of anything that might help?
There is a certain number of PowerShell cmdlets I wasnt aware of. The complete list can be found in the Documentation.
I don't find the good step-by-step guide I once came across, but there are several others out there that descript how you connect your PowerShell to the Lync Server (like this).
I haven't tested any of these scripts, but Microsoft also provides a list of useful scripts to administrate Lync (link).
The problem I was initially looking for was: How do I hide disabled user accounts in the Lync Contact list. This can be done by ticking the checkbox "Hide user from global address list" in Exchange (Note: when this is done via e.g. VBScript it takes some time before the GAL is updated, in my case the account first vanished from GAL and the next morning it also disappeared from the Lync Contact List).
I have a COM Outlook addin programmed in C++ (VS2005). I'm trying to see if within this addin I can get a random user or resource and see if it is available during a certain meeting time. Basically I'm trying to do something like getuseravailability() from the 2007 Exchange Web Service api listed below.
getuseravailability
Is this the only way to get this information? I've been looking through CDO, ADSI, MAPI and the Outlook object model but can't find anything else like it. I'm avoiding using web services because the Exchange Servers I run against may not have it enabled/ may not be Exchange 2007. And also, I'm hoping for a COM api easily integrated with the existing Outlook COM addin, was really hoping for an OOM solution.
Am I wrong or would the webservices sdk require .net to be installed on the machine running the addin as well?
I believe I've found a way to do this with CDO. Will be trying a sample app for this to see if it does what I think it does.
http://msdn.microsoft.com/en-us/library/ms870482%28EXCHG.65%29.aspx
I didn't find this earlier because the MSDN library's default view doesn't easily let you browse through the table of contents for a section. You have to go into MSDNs preferences and choose "Classic View" to get the table of contents view on the left.
I have developed a small software. I want to provide and run it commercially only. I want it to be run in the machines who have purchased it from me.
If someone copies it from my clients computer and runs it in next computer, I would like to stop functioning/running the software.
What can be the ways to prevent the piracy of my software?
Adaption of one of my previous answers:
There are a few ways to "activate" copied software to try to stop casual copying of the application.
In the most simplistic case, a registration code ("CD key") purchased from you, possibly via your website, and it is sent to the user who enters it into the program or installer. The whole process can basically be done offline; the program itself locally determines that the code is valid or invalid.
This is nice and easy, but it extremely vulnerable to key sharing - since there's no "phoning home" then the application cannot know that thousands of different people are all using the same key that they got off the internet or a serial library or their friend. It's also reasonably easy to make "keygens" which generate valid-seeming keys that were never actually issued by the developers.
Then we get into online registration. You still have some kind of code, but the program will phone home back to the server to determine whether the code is valid and usually unique. This stops basic key sharing, because the company knows if too many people from all over the world are all using the same key. Perhaps there is some kind of identification involved using MAC address, too, with infinite registrations allowed on the same hardware but maybe a limited number on what appears to be a different computer.
This is still pretty easy and stops simple key sharing. People will actually have to get into cracking the software or faking the server response to get past it.
Sometimes the program itself is partially/mostly encrypted and is only decrypted by the online registration step. Depending on how well this is obfuscated then it can be pretty difficult and time consuming to crack. Bioshock was a high-profile example of this - debuting with a brand new encryption/copy protection scheme that took around two weeks from release to be broken.
Finally, a particularly guarded application might stay in constant contact with the server, refusing to work at all if the connection is severed.
If you know for sure that all your users will all have reliable internet connections then it can be considered quite a strong way to protect the app, at the cost of privacy and some user distrust of the spyware.
In this case to get around the activation they would need to fake the server itself. Steam emulators and private WoW servers are an example of this.
And in the end, nothing is uncrackable.
In a nutshell: you can't.
Even very sofisticated systems (e.g. dongle keys) can be circumvented.
I guess your best call is to give a code to your customers and have an online check for that code, so that it cannot be used twice.
Of course, that can be circumvented too but...
As nico said you really can't.
A simple solution might be to generate (registration/activation) codes that are based on hardware or software installed on the particular computer - eg video card serial id or c:/windows creation time.
I have one idea may be it works.
What we can do, we will make an encorrupted database field and that field will be empty for the first time as soon as i install my software to some machine it will read the Mac Address + Mother Board Serial + Processor ID and make an encorrupted value with the combination of these three and write in to that field which i left empty for the first time use.
After that every time my application will read these three values and recreate the encrupptted value in the same manner and compare with the value of that database field. If the value of the database field and the value of the regenerated encrroupted field is equal, that means the computer is same other wise it is installed on some other machine in this case you delete all the code and can make the system unstable to punish the person also :) ...
Please let me know about your opinion about this idea.
The best way is to use some sort of hardware-locking in which your license code contains encrypted info about the machine on which it will run. Your software will then check for this info and match it with the current computer and if the match is successful, the license is deemed valid.
Sure, any scheme can be cracked by someone on the face of the planet, but that does not mean you shouldn't use a protection scheme.
If you are looking for a ready-made scheme for this, have a look at CryptoLicensing.
Companies such as ours (Wibu-Systems), Safe-Net, and Flexera (expensive) offer dongle-free solutions as well as ones based on hardware. But _simon was right in that a dongle is the only iron-clad protection. All software-based systems can be cracked; it's just that some are more difficult than others. Really good hardware-based solutions are effectively uncrackable. No one has yet cracked the CodeMeter stick unless the implementation was flawed.