i am making a business application and i cant afford other activation software to protect my software from being pirated. I am looking for some place to save my activation, trial and licence data in user's computer.
I think that if i use compact editions of sql server and give password to it, it will be impossible for any other hacker or cracker to modify activation data and pirate my software? Is this safe or i shoul go for anyother option?
First, you must realize that making it 'impossible' to crack has been tried and tried again by the largest corporations and most sophisticated products- and it has always failed.
Having said that, you can make progress towards encouraging your customers to purchase a license by using a password protected encrypted database, password alone is not enough.
Also, what do you plan on using for your password? Is it going to be hardcoded? Will you salt a hardcoded pwd with something unique to the system its running on? Will that be good enough, I'm assuming if thats all you do breaking it would be fairly trivial- disassemble your code and find the hardcoded password, and figure out how you compute the system unique value.
Please take a look at this other similar SO Question and its answers- some are quite good.
Related
Supposing there were 3 or 4 developers using Mercurial, and all making updates to a project. Right now, usernames are self-configured.
If I pull changes from a colleague, (which may include other changes he pulled from a different colleague), how can I be sure the usernames on each commit actually were authored by that user, and not a different user who might have entered a fake username on that commit?
I assume Mercurial has some solution for this problem built in, perhaps using cryptography to compare the username to the hash and private salt or key or something.
Is there a way to validate authors for each commit? How does this work, and is it possible to do this whilst maintaining the Distributed nature of our Version Control System, or will we need an authenticating server?
You use the GPG extension.
That means you are using an OpenPGP system, and all that entails.
There is a discussion, about the past, present and future of signing.
I have a VB.NET application that I would like the user to be able to run for a fixed period, then have it switch to a partially restricted mode. I have the code in place to do that, as well as code to encrypt data. What I need is to be able to track the date the application is first used. And have the date saved somewhere and in a format that the user is not likely to be able to reset it. Is there a preferred way to do this, such as some obscure Registry key?
If it 100 percent requires this, then you need to store the information in your server. This is quite hard to do. If it doesn't need to 100 percent high security, you can use Settings in your application, or the registry. Here is a good tutorial on using settings in your application: http://www.dreamincode.net/forums/topic/72654-using-settings/.
If you want to use the registry, then here is a good tutorial on that: https://msdn.microsoft.com/en-us/library/85t3c3hf.aspx. Note that using the registry requires administrator privileges.
I wrote a small program in vb.net and I'm looking for a simple way to keep people from just copying the executable and running it on another machine for reverse engineering without the installer. I understand that if people want the program bad enough they will figure out a way to get a hold of it, I'm basically just looking for some kind of deterrent to keep our competitors from walking around and copying it.
Logan,
The bad news is that you cannot stop people from reverse engineering your desktop application. You have 2 options:
Create a web application instead. The code will run securely on your server.
Use Remote Desktop Services. This way you can install your program on your server and let the users use it via RDS. Here is an article that illustrates the concept and how to implement it on Microsoft Azure: https://technet.microsoft.com/en-us/library/cc755055.aspx
The standard approach is to create a license key that will only work on a specific machine and store it in the registry. This can be something as simple as:
When your app starts get a unique machine id (http://www.dreamincode.net/forums/topic/181408-get-unique-machine-ids/)
Perform a one way hash on it
See if this value is stored in the registry
If it isn't, display a dialog displaying the unique machine id and asking for the 'license'
Accept input of the license so they don't need to ask again
You can manually calculate the one way hash yourself for computers that you want to run the software on.
This won't stop a determined hacker but it'll keep the 99.9% of people who can't hack your software honest.
Hai guys,
I ve developed a salary calculating software using vb.net.... Its working fine and i ve converted it to an exe file... My drawback is it can be copied and pasted in another system very easily... I want to generate a key for the exe file and while installing the key should be used and when installation is completed ,the key should not be used again... Is this ya secured one or give me some ideas how it can be done....
There are many product on the market that will help you generate software keys, for example www.softwareshield.com and www.exeshield.com Or simply do a Google Search.
For more serious protection you can use a hardware key that unlocks your software, for example http://www.matrixlock.de/english/index.htm
It all depends on your adience.
If you are targetting end-users / home-users: no matter what you do, your software will be hacked (if it is good enough).
If you target the enterprise: Companies are mostly willing to buy your software, and do not copy to other companies. They have far more to loose when running illegal software. But also they are the first to complain if they cannot distribute your software using their distribution system. And this system will be blocked by your copy protection scheme.
Conclusion: Implement the simplest and cheapest protection scheme you can find. And also find a way you can bypass it easily if you want enterprises as your customer.
You'll need to sign your assembly, and have some form of online authentication process to manage the keys.
Whatever copy protection scheme you implement....just make sure that your paying users don't get a lot of discomfort from it.... You want to keep bad users from copying your software without permission, but when good users get problems because of faults in your copy protection software, you will lose a lot of credit.
Every week I access server logs processed by WebTrends (for about 7 profiles) and copy ad clickthrough and visitor information into Excel spreadsheets. A lot of it is just accessing certain sections and finding the right title and then copying the unique visitor information.
I tried using WebTrends' built-in query tool but that is really poorly done (only uses a drag-and-drop system instead of text-based) and it has a maximum number of parameters and maximum length of queries to query with. As far as I know, the tools in WebTrends are not suitable to my purpose of automating the entire web metrics gathering process.
I've gotten access to the raw server logs, but it seems redundant to parse that given that they are already being processed by WebTrends.
To me it seems very scriptable, but how would I go about doing that? Is screen-scraping an option?
I use ODBC for querying metrics and numbers out of webtrends. We even fill a scorecard with all key performance metrics..
Its in German, but maybe the idea helps you: http://www.web-scorecard.net/
Michael
Which version of WebTrends are you using? Unless this is a very old install, there should be options to schedule these reports to be emailed to you, and also to bookmark queries. Let me know which version it is and I can make some recommendations.