I want to make use of registry to store installation date.
This would allow me to check application expiry on each run, so when I install my application on any PC the registry subkey will be created and store current date as installation date.
I am using Visual Studio Installer Set up and Deployment.
If you have any other suggestion to achieve this, please share.
As a general answer, create a registry item and put the appropriate Windows Installer property there, in this case [Date] in square brackets, case-sensitive, just like you'd put [TARGETDIR] to record the installation folder. This avoids code.
However it is a bad idea, as the comments point out. Apart from the fact that it can be defeated, the poor person that installs it then can't use it for a week is in trouble. You should start the clock on first run of the app. That's fair and accurate.
Otherwise, give each user something unique, maybe a license key, and have the app call into your company's web service on first run, saying "this key started now", then you can check every time the app runs and say no after the timer has expired, then you're using your company's clock, not the user's.
Related
I need to write a key with the date and time to the registry in order to log installations and uninstallations. The format of the keys needs to be [Date]-[Time] (un)install.
I figure that I could easily create a permanent key upon installation using the [Date] and [Time] properties, but it's less obvious how I would create a key upon uninstallation since by definition, uninstalling means removing things and not adding them.
I could use a custom action, but I'm looking for a more standard way of doing things. Does anyone have a suggestion?
You cannot accomplish this with built-in Windows Installer functionality, whose design targets returning the machine to its initial settings after an uninstallation (or a rollback for that matter) completes.
I would push back on this requirement; suggesting instead perhaps an HKCU registry key, or AppData file, maintained by the application that tracks when it was last used. Since that won't be known to Windows Installer, it will be left behind. But it won't be the uninstallation time unless you update it during uninstall (not to mention the question of which user in a multi-user system).
If you have to implement this, it will have to be done as a custom action.
I have a VB.NET application that I would like the user to be able to run for a fixed period, then have it switch to a partially restricted mode. I have the code in place to do that, as well as code to encrypt data. What I need is to be able to track the date the application is first used. And have the date saved somewhere and in a format that the user is not likely to be able to reset it. Is there a preferred way to do this, such as some obscure Registry key?
If it 100 percent requires this, then you need to store the information in your server. This is quite hard to do. If it doesn't need to 100 percent high security, you can use Settings in your application, or the registry. Here is a good tutorial on using settings in your application: http://www.dreamincode.net/forums/topic/72654-using-settings/.
If you want to use the registry, then here is a good tutorial on that: https://msdn.microsoft.com/en-us/library/85t3c3hf.aspx. Note that using the registry requires administrator privileges.
I have one vb.net windows application and I want to deliver it to my client with 1 year validity.
After one year this software will automatically stop working or ask for renewal.
The client PC doesn't have internet access.
Please tell me the secure way for this.
When the program is installed, have it set a registry value with the current date. Then, on every subsequent program start, have it check that registry value against the current time. If more than a year has passed, do whatever you plan on doing to lock up your application.
This post has some excellent info on the specifics of adding, modifying, and accessing registry values in vb.net.
Check the date.
If dateToday > dateProgramSold.AddYears(1) Then
'open form that cant be close saying program is expired
End If
When the program is installed, it should ask for an registration key (they could get it by email, print it off and type it). The key should contain the last day of validity (encrypted). Store the key in the registry (or somewhere else). When the program starts, you check the date inside the key.
If they re-install the end date will stay the same.
When they want to update, just send a new key by email or mail.
The amount of security you put into just could depend on how much you trust the company. Because they could always decompile and crack your software.
I needed to do this for a program I wrote. My final solution included the resolution that you can't be 100% foolproof, so I considered my users and did the best I could with what I had.
Without access to the internet, how does the computer know what date it is? It has to rely on user input for it. So if a user can input it, then a user can change it. There is no foolproof way to get an accurate date from the PC without the the user having access to it. Whether from the OS, the BIOS, etc.
So what I ended up doing was putting an obfuscated key into the registry in an obscure place. HKCU >> Software. I made the key just some letters and numbers {L12A3C0DFF} then I named the key Z0B0 and made the value the obfuscated date. I took the year month and day and ran each one through a different calculation. I ended up with something that looked like DDE011468932.
Each time the program ran it decoded this registry setting to see if a year had passed based on the time in the BIOS. If the date in the BIOS was earlier then this date then they changed it and I would not not allow my program to run.
Also each time the program ran, I checked the date in the BIOS and stored this in the registry in the same way. So I would check to see if they changed the date in the BIOS to an earlier date.
So in order for them to abuse the date restriction of one year, they literally had to change the date in the BIOS every day which I figured was not worth it to them to do, besides, they would have had to figure out where I was getting the date from to begin with, which would take decompiling (and I wasn't selling it to a bunch of programmers). Simply changing the date in the OS wouldn't fool it.
As part of my WIX setup project, I am updating some values in the app config for the service I am installing. One of the attributes is a number, this is the number of the location the service is being installed at.
The location is part of the machine name, for example the machine name might be "location16server". I am trying figure out if I can get a substring or otherwise parse the number out of the machine name so that I may use it to update the .config file. I don't see any ways that are part of WIX, but maybe with a custom action?
Thanks
A custom action would be required. I'd provide caution on this though as you are tightly coupling along a machine name. This might work well in a controlled environment but could cause major headaches down the road. I'd look for some other artifact on the machine to determine location numbers and other configuration data. Perhaps even move it out of the installer and into the application if possible.
Another option is to insert a dialog box that allows the user to enter some optional parameters for the program being installed.
Here are some examples:
http://www.merlinia.com/mdt/WiXTutorial3.msl
http://wix.tramontana.co.hu/tutorial/user-interface/new-link-in-the-chain
For my VB.NET applications, I am wanting the user to have a free trial for x amount of days.
Where is the best place to record the amount of days past?
In the registry? Can't someone just delete the registry key, and then have the full x amount of days again?
Is there a better way?
Anything you store on the user machine could be compromised.
If you are serious about this thing then your "best" option is to have a webservice that your apps call at every startup passing some form of identification string.
(And this could be compromised too).
For the purpose to generate an identification string you could look at this question and the following answers
It doesn't matter where you store something on the local machine because it can always be removed.
A user could start up a Virtual PC install your app, and then roll back the virtual PC after 28 days and install again.
One option is to generate a key that is unique to the machine and then verify this with a web service. This is not completely hacker proof but it is better.
You could add some information to any file saved with the trial version of your app which is unique to that specific version of the app (perhaps a timestamp from when it was installed).
When a trial version of your app tries to open a file, it will check this signature and ensure that it was created with that same instance, otherwise refuse to open the file.
This essentially neuters the ability to simply reinstall the app and continue using it.